{"id":24829333,"url":"https://github.com/bitflight-devops/github-action-jira-find-issue-keys","last_synced_at":"2025-10-14T02:32:05.389Z","repository":{"id":38172897,"uuid":"373954350","full_name":"bitflight-devops/github-action-jira-find-issue-keys","owner":"bitflight-devops","description":"Jira issues are discovered in the commit history, branch name, pull request title and listed as an output","archived":false,"fork":false,"pushed_at":"2023-09-21T17:50:29.000Z","size":14228,"stargazers_count":1,"open_issues_count":3,"forks_count":3,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-24T00:49:35.231Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bitflight-devops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-04T20:37:27.000Z","updated_at":"2023-11-30T15:04:30.000Z","dependencies_parsed_at":"2023-02-18T10:46:02.823Z","dependency_job_id":null,"html_url":"https://github.com/bitflight-devops/github-action-jira-find-issue-keys","commit_stats":{"total_commits":57,"total_committers":3,"mean_commits":19.0,"dds":0.03508771929824561,"last_synced_commit":"31b85dc83e863e72cf787155a1289123e0857fff"},"previous_names":[],"tags_count":25,"template":false,"template_full_name":null,"purl":"pkg:github/bitflight-devops/github-action-jira-find-issue-keys","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitflight-devops%2Fgithub-action-jira-find-issue-keys","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitflight-devops%2Fgithub-action-jira-find-issue-keys/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitflight-devops%2Fgithub-action-jira-find-issue-keys/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitflight-devops%2Fgithub-action-jira-find-issue-keys/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bitflight-devops","download_url":"https://codeload.github.com/bitflight-devops/github-action-jira-find-issue-keys/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitflight-devops%2Fgithub-action-jira-find-issue-keys/sbom","scorecard":{"id":240210,"data":{"date":"2025-08-11","repo":{"name":"github.com/bitflight-devops/github-action-jira-find-issue-keys","commit":"31b85dc83e863e72cf787155a1289123e0857fff"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 1/26 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:21","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:22","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/create_tag.yml:1","Warn: no topLevel permission defined: .github/workflows/find-issue-key.yml:1","Warn: no topLevel permission defined: .github/workflows/publish_action.yml:1","Warn: no topLevel permission defined: .github/workflows/pull_request_cleanup_tags_and_releases.yml:1","Warn: no topLevel permission defined: .github/workflows/push_code_linting.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_tag.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/create_tag.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_tag.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/create_tag.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_tag.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/create_tag.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_tag.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/create_tag.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/find-issue-key.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/find-issue-key.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/find-issue-key.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/find-issue-key.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_action.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/publish_action.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull_request_cleanup_tags_and_releases.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/pull_request_cleanup_tags_and_releases.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull_request_cleanup_tags_and_releases.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/pull_request_cleanup_tags_and_releases.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push_code_linting.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/push_code_linting.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push_code_linting.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/push_code_linting.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/push_code_linting.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/push_code_linting.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/push_code_linting.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/bitflight-devops/github-action-jira-find-issue-keys/push_code_linting.yml/main?enable=pin","Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 8 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"24 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-9pv7-vfvm-6vr7","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T06:34:36.399Z","repository_id":38172897,"created_at":"2025-08-17T06:34:36.399Z","updated_at":"2025-08-17T06:34:36.399Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279017690,"owners_count":26086126,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-30T23:05:24.692Z","updated_at":"2025-10-14T02:32:04.369Z","avatar_url":"https://github.com/bitflight-devops.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- start title --\u003e\n\n# GitHub Action: Find Jira Issue Keys In GitHub Event\n\n\u003c!-- end title --\u003e\n\u003c!-- start description --\u003e\n\nThis action will find the issue keys in the GitHub event and return them as a comma separated list\n\n\u003c!-- end description --\u003e\n\n## Action Usage\n\n\u003c!-- start usage --\u003e\n\n```yaml\n- uses: bitflight-devops/github-action-jira-find-issue-keys@v1.1.11\n with:\n # The github token used for authenticating to GitHub\n token: ''\n\n # Find from predefined place. Can be 'branch', 'pull_request', 'string', or\n # 'commits', default is 'commits'\n # Default: commits\n from: ''\n\n # A string to search for issues\n # Default:\n string: ''\n\n # A comma separated list of project names to include in the results by, i.e.\n # DEVOPS,PROJECT1\n # Default:\n projects: ''\n\n # A comma separated list of project names to exclude from the results by, i.e.\n # INTERNAL,PROJECT2\n projects_ignore: ''\n\n # When parsing commit messages, include merge and pull messages. This is disabled\n # by default, to exclude tickets that may be included or fixed in other branches\n # or pull requests.\n # Default: false\n include_merge_messages: ''\n\n # The Git Head Ref to which commit messages will be collected up to. If the\n # base_ref is included, and the github event is a pull_request or push, The\n # head_ref from the event will be used.\n head_ref: ''\n\n # The Git Base Ref to which commit messages will be collected up from.\n base_ref: ''\n\n # Should the commit messages be ignored when looking for issues\n # Default: false\n ignore_commits: ''\n\n # The URL of the GitHub API to use. This allows those with GitHub Enterprise to\n # use the GitHub Enterprise API.\n github_api_url: ''\n\n # The version of the GitHub Enterprise Server to use. This allows those with\n # GitHub Enterprise to use the GitHub Enterprise API. Available versions to use:\n # 3.2, 3.3, 3.4, 3.5\n # Default: 3.5\n github_enterprise_server_version: ''\n\n # The Jira cloud base url including protocol i.e. 'https://company.atlassian.net'\n # or use environment variable JIRA_BASE_URL\n jira_base_url: ''\n\n # The Jira cloud user email address or use environment variable JIRA_USER_EMAIL\n jira_user_email: ''\n\n # The Jira cloud user api token or use environment variable JIRA_API_TOKEN\n jira_api_token: ''\n\n # If there is an error during transition, the action will error out.\n # Default: false\n fail_on_error: ''\n\n # Should the pull request be updated with the Jira issue keys found\n # Default: false\n update_pull_request: ''\n```\n\n\u003c!-- end usage --\u003e\n\n## GitHub Action Inputs\n\n\u003c!-- start inputs --\u003e\n\n| **Input** | **Description** | **Default** | **Required** |\n| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | ------------ |\n| **`token`** | The github token used for authenticating to GitHub | | **false** |\n| **`from`** | Find from predefined place. Can be 'branch', 'pull_request', 'string', or 'commits', default is 'commits' | `commits` | **false** |\n| **`string`** | A string to search for issues | | **false** |\n| **`projects`** | A comma separated list of project names to include in the results by, i.e. DEVOPS,PROJECT1 | | **false** |\n| **`projects_ignore`** | A comma separated list of project names to exclude from the results by, i.e. INTERNAL,PROJECT2 | | **false** |\n| **`include_merge_messages`** | When parsing commit messages, include merge and pull messages. This is disabled by default, to exclude tickets that may be included or fixed in other branches or pull requests. | `false` | **false** |\n| **`head_ref`** | The Git Head Ref to which commit messages will be collected up to. If the base_ref is included, and the github event is a pull_request or push, The head_ref from the event will be used. | | **false** |\n| **`base_ref`** | The Git Base Ref to which commit messages will be collected up from. | | **false** |\n| **`ignore_commits`** | Should the commit messages be ignored when looking for issues | | **false** |\n| **`github_api_url`** | The URL of the GitHub API to use. This allows those with GitHub Enterprise to use the GitHub Enterprise API. | | **false** |\n| **`github_enterprise_server_version`** | The version of the GitHub Enterprise Server to use. This allows those with GitHub Enterprise to use the GitHub Enterprise API. Available versions to use: 3.2, 3.3, 3.4, 3.5 | `3.5` | **false** |\n| **`jira_base_url`** | The Jira cloud base url including protocol i.e. 'https://company.atlassian.net' or use environment variable JIRA_BASE_URL | | **false** |\n| **`jira_user_email`** | The Jira cloud user email address or use environment variable JIRA_USER_EMAIL | | **false** |\n| **`jira_api_token`** | The Jira cloud user api token or use environment variable JIRA_API_TOKEN | | **false** |\n| **`fail_on_error`** | If there is an error during transition, the action will error out. | `false` | **false** |\n| **`update_pull_request`** | Should the pull request be updated with the Jira issue keys found | | **false** |\n\n\u003c!-- end inputs --\u003e\n\n## GitHub Action Outputs\n\n\u003c!-- start outputs --\u003e\n\n| \\***\\*Output\\*\\*** | \\***\\*Description\\*\\*** | \\***\\*Default\\*\\*** | \\***\\*Required\\*\\*** |\n| ------------------- | ------------------------------------------------------------------------------------------ | ------------------- | -------------------- |\n| `projects_included` | A comma separated list of projects from the 'projects' input provided | undefined | undefined |\n| `projects_excluded` | A comma separated list of ignored projects from the 'projects_ignore' input provided | undefined | undefined |\n| `projects_found` | A comma separated list of project names to include in the results by, i.e. DEVOPS,PROJECT1 | undefined | undefined |\n| `issue` | The first Jira issue key found in the event | undefined | undefined |\n| `issues` | A comma separated list of all Jira Issues found | undefined | undefined |\n| `title_issues` | A comma separated list of Jira Issues found in the pull_request title | undefined | undefined |\n| `commit_issues` | A comma separated list of Jira Issues found in the commits provided | undefined | undefined |\n| `ref_issues` | A comma separated list of Jira Issues found in the git ref | undefined | undefined |\n| `string_issues` | A comma separated list of Jira Issues found in the input string | undefined | undefined |\n\n\u003c!-- end outputs --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitflight-devops%2Fgithub-action-jira-find-issue-keys","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbitflight-devops%2Fgithub-action-jira-find-issue-keys","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitflight-devops%2Fgithub-action-jira-find-issue-keys/lists"}