{"id":19247083,"url":"https://github.com/chetanyakan/mattermost-plugin-circleci","last_synced_at":"2026-03-02T19:09:18.392Z","repository":{"id":46814113,"uuid":"211357421","full_name":"chetanyakan/mattermost-plugin-circleci","owner":"chetanyakan","description":"A CircleCI plugin for Mattermost. Supports CircleCI SaaS.","archived":false,"fork":false,"pushed_at":"2021-09-23T23:38:04.000Z","size":1214,"stargazers_count":2,"open_issues_count":5,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-08T21:11:49.494Z","etag":null,"topics":["bitbucket","circleci","circleci-account","github","hacktoberfest","insights","integrations","mattermost","mattermost-plugin","mattermost-plugin-circleci","notifications","plugin","workflow"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chetanyakan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-09-27T16:12:12.000Z","updated_at":"2020-10-08T06:43:29.000Z","dependencies_parsed_at":"2022-09-06T23:11:25.181Z","dependency_job_id":null,"html_url":"https://github.com/chetanyakan/mattermost-plugin-circleci","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":"Brightscout/mattermost-plugin-boilerplate","purl":"pkg:github/chetanyakan/mattermost-plugin-circleci","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chetanyakan%2Fmattermost-plugin-circleci","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chetanyakan%2Fmattermost-plugin-circleci/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chetanyakan%2Fmattermost-plugin-circleci/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chetanyakan%2Fmattermost-plugin-circleci/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chetanyakan","download_url":"https://codeload.github.com/chetanyakan/mattermost-plugin-circleci/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chetanyakan%2Fmattermost-plugin-circleci/sbom","scorecard":{"id":277047,"data":{"date":"2025-08-11","repo":{"name":"github.com/chetanyakan/mattermost-plugin-circleci","commit":"144a419d0ff127fb187790cf0a5d78f064417950"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":1,"reason":"Found 3/24 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 9 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"111 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-r67m-mf7v-qp7j","Warn: Project is vulnerable to: GO-2024-3032 / GHSA-vvpg-55p7-5h8w","Warn: Project is vulnerable to: GO-2023-1939","Warn: Project is vulnerable to: GO-2022-0616 / GHSA-qggc-pj29-j27m","Warn: Project is vulnerable to: GO-2022-0604 / GHSA-hv5f-73mr-7vvj","Warn: Project is vulnerable to: GO-2022-0595","Warn: Project is vulnerable to: GO-2022-0576","Warn: Project is vulnerable to: GO-2022-0599","Warn: Project is vulnerable to: GO-2022-0540","Warn: Project is vulnerable to: GHSA-63f2-6959-2pxj","Warn: Project is vulnerable to: GHSA-8jhh-3jf2-pfwr","Warn: Project is vulnerable to: GHSA-9hj7-v56g-rhf6","Warn: Project is vulnerable to: GO-2024-3164","Warn: Project is vulnerable to: GO-2024-3232","Warn: Project is vulnerable to: GO-2024-3227","Warn: Project is vulnerable to: GO-2024-3233","Warn: Project is vulnerable to: GO-2024-3234","Warn: Project is vulnerable to: GO-2024-3235","Warn: Project is vulnerable to: GO-2025-3392","Warn: Project is vulnerable to: GO-2025-3393","Warn: Project is vulnerable to: GO-2025-3394","Warn: Project is vulnerable to: GO-2025-3407","Warn: Project is vulnerable to: GO-2025-3482","Warn: Project is vulnerable to: GO-2025-3377","Warn: Project is vulnerable to: GO-2025-3379","Warn: Project is vulnerable to: GO-2025-3380","Warn: Project is vulnerable to: GO-2025-3481","Warn: Project is vulnerable to: GO-2025-3480","Warn: Project is vulnerable to: GO-2025-3483","Warn: Project is vulnerable to: GO-2025-3611","Warn: Project is vulnerable to: GO-2025-3618","Warn: Project is vulnerable to: GO-2025-3619","Warn: Project is vulnerable to: GO-2025-3621","Warn: Project is vulnerable to: GO-2025-3622","Warn: Project is vulnerable to: GO-2025-3642","Warn: Project is vulnerable to: GO-2025-3643","Warn: Project is vulnerable to: GO-2025-3644","Warn: Project is vulnerable to: GO-2025-3556","Warn: Project is vulnerable to: GO-2025-3610","Warn: Project is vulnerable to: GO-2025-3609","Warn: Project is vulnerable to: GO-2025-3620","Warn: Project is vulnerable to: GO-2025-3623","Warn: Project is vulnerable to: GO-2025-3731","Warn: Project is vulnerable to: GO-2025-3691","Warn: Project is vulnerable to: GO-2025-3694","Warn: Project is vulnerable to: GO-2025-3724","Warn: Project is vulnerable to: GO-2025-3729","Warn: Project is vulnerable to: GO-2025-3730","Warn: Project is vulnerable to: GO-2025-3756","Warn: Project is vulnerable to: GO-2025-3728","Warn: Project is vulnerable to: GO-2025-3692","Warn: Project is vulnerable to: GO-2025-3693","Warn: Project is vulnerable to: GO-2025-3757","Warn: Project is vulnerable to: GO-2025-3796","Warn: Project is vulnerable to: GO-2025-3797","Warn: Project is vulnerable to: GO-2025-3769","Warn: Project is vulnerable to: GO-2025-3771","Warn: Project is vulnerable to: GO-2025-3772","Warn: Project is vulnerable to: GO-2025-3819","Warn: Project is vulnerable to: GO-2025-3820","Warn: Project is vulnerable to: GO-2025-3818","Warn: Project is vulnerable to: GO-2024-2448","Warn: Project is vulnerable to: GO-2024-2541","Warn: Project is vulnerable to: GO-2024-2566","Warn: Project is vulnerable to: GO-2024-2589","Warn: Project is vulnerable to: GO-2024-2591","Warn: Project is vulnerable to: GO-2024-2592","Warn: Project is vulnerable to: GO-2024-2635","Warn: Project is vulnerable to: GO-2024-2588","Warn: Project is vulnerable to: GO-2024-2590","Warn: Project is vulnerable to: GO-2024-2593","Warn: Project is vulnerable to: GO-2024-2594","Warn: Project is vulnerable to: GO-2024-2595","Warn: Project is vulnerable to: GO-2024-2695","Warn: Project is vulnerable to: GO-2024-2696","Warn: Project is vulnerable to: GO-2024-2706","Warn: Project is vulnerable to: GO-2024-3020","Warn: Project is vulnerable to: GO-2024-3022","Warn: Project is vulnerable to: GO-2024-3023","Warn: Project is vulnerable to: GO-2024-3024","Warn: Project is vulnerable to: GO-2024-3025","Warn: Project is vulnerable to: GO-2024-3028","Warn: Project is vulnerable to: GO-2024-3030","Warn: Project is vulnerable to: GO-2024-3031","Warn: Project is vulnerable to: GO-2024-3092","Warn: Project is vulnerable to: GO-2024-3089","Warn: Project is vulnerable to: GO-2024-3090","Warn: Project is vulnerable to: GO-2024-3091","Warn: Project is vulnerable to: GO-2024-3093","Warn: Project is vulnerable to: GO-2024-3094","Warn: Project is vulnerable to: GO-2024-3096","Warn: Project is vulnerable to: GO-2024-3097","Warn: Project is vulnerable to: GO-2025-3534","Warn: Project is vulnerable to: GO-2025-3555","Warn: Project is vulnerable to: GO-2025-3604","Warn: Project is vulnerable to: GO-2024-3337","Warn: Project is vulnerable to: GO-2024-3338","Warn: Project is vulnerable to: GO-2024-3340","Warn: Project is vulnerable to: GO-2025-3549","Warn: Project is vulnerable to: GO-2025-3550","Warn: Project is vulnerable to: GO-2025-3551","Warn: Project is vulnerable to: GO-2025-3552","Warn: Project is vulnerable to: GO-2024-2444","Warn: Project is vulnerable to: GO-2024-2446","Warn: Project is vulnerable to: GO-2024-2450","Warn: Project is vulnerable to: GO-2024-2707","Warn: Project is vulnerable to: GO-2024-3334","Warn: Project is vulnerable to: GO-2024-2456 / GHSA-449p-3h89-pw88","Warn: Project is vulnerable to: GO-2024-2466 / GHSA-mw99-9chc-xw7r","Warn: Project is vulnerable to: GO-2025-3367 / GHSA-r9px-m959-cxf4","Warn: Project is vulnerable to: GO-2025-3368 / GHSA-v725-9546-7q7m"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T14:45:18.005Z","repository_id":46814113,"created_at":"2025-08-17T14:45:18.005Z","updated_at":"2025-08-17T14:45:18.005Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30016507,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T17:00:27.440Z","status":"ssl_error","status_checked_at":"2026-03-02T17:00:03.402Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitbucket","circleci","circleci-account","github","hacktoberfest","insights","integrations","mattermost","mattermost-plugin","mattermost-plugin-circleci","notifications","plugin","workflow"],"created_at":"2024-11-09T17:36:11.996Z","updated_at":"2026-03-02T19:09:18.349Z","avatar_url":"https://github.com/chetanyakan.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Mattermost CircleCI Plugin\n\nA CircleCI plugin for Mattermost. Supports CircleCI SaaS.\n\n![Go Version](https://img.shields.io/github/go-mod/go-version/chetanyakan/mattermost-plugin-circleci)\n[![Go Report Card](https://goreportcard.com/badge/github.com/chetanyakan/mattermost-plugin-circleci)](https://goreportcard.com/report/github.com/chetanyakan/mattermost-plugin-circleci)\n[![Build Status](https://img.shields.io/circleci/project/github/chetanyakan/mattermost-plugin-circleci/master)](https://circleci.com/gh/chetanyakan/mattermost-plugin-circleci)\n[![Release](https://img.shields.io/github/v/release/chetanyakan/mattermost-plugin-circleci?include_prereleases)](https://github.com/chetanyakan/mattermost-plugin-circleci/releases/latest)\n[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fchetanyakan%2Fmattermost-plugin-circleci.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fchetanyakan%2Fmattermost-plugin-circleci?ref=badge_shield)\n\n## Table of Contents\n\n - [Audience](#audience)\n - [License](#license)\n - [About the CircleCI Plugin](#about-the-circleci-plugin)\n - [Before You Start](#before-you-start)\n - [Configuration](#configuration)\n - [Using the Plugin](#using-the-plugin)\n - [Onboarding Your Users](#onboarding-your-users)\n - [Development](#development)\n\n![CircleCI plugin screenshot](images/circleci_mattermost.png)\n\n## Audience\n\nThis guide is intended for Mattermost System Admins setting up the CircleCI plugin and Mattermost users who want information about the plugin functionality. For more information about contributing to this plugin, visit the [Development section](#development).\n\n## License\n\nThis repository is under the [MIT License](https://github.com/chetanyakan/mattermost-plugin-circleci/blob/master/LICENSE).\n\n[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fchetanyakan%2Fmattermost-plugin-circleci.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fchetanyakan%2Fmattermost-plugin-circleci?ref=badge_large)\n\n## About the CircleCI Plugin\n\nThe Mattermost CircleCI plugin uses a webhook to connect your CircleCI account to Mattermost to listen for incoming CircleCI events. Event notifications are published in the channels where they are subscribed. \n\nAfter your System Admin has [configured the CircleCI plugin](#configuration), run `/circleci connect` in a Mattermost channel to connect your Mattermost and CircleCI accounts.\n\nOnce connected, you'll have access to the following features:\n\n* __Event Subscriptions__ - Ability to subscribe to build notifications for specified repositories.\n* __Build__ - Ability to trigger build in CircleCI for a project. The build can be triggered for either a branch or a tag.\n* __Recent Builds__ - View recent builds for a repository's workflow. For example, view recent builds for `release` workflow.\n* __Pipeline by Number__ - Get details of a pipeline by it's number. Each pipeline execution in CircleCI has a user-readable number which can be used for identifying a pipeline execution.  \n* __Environment__ - Get a list of *masked* context variables available to in pipeline.\n* __Project Insights__ - Get project insights on demand such as success rate, throughput, mean duration etc.\n* __Workflow Insights__ - Get insights of a workflow's runs. This includs details such as execution time, credits used and status.\n\n## Before You Start\n\nThis guide assumes:\n\n- You have a CircleCI account.\n- You're a Mattermost System Admin.\n- You're running Mattermost v5.20 or higher.\n\n## Configuration\n\n1. Go to the plugin system console settings to generate the Webhook Secret and Encryption Key and enable the plugin. Note the value of the `Webhook Secret`.\n1. Make sure you are using CircleCI config version v2.1 or above.\n1. Use the `status` command from the Mattermost Orb, which is added in the `.circleci/config.yml` of this repo as the last step of any CircleCI Job you created for your workflow to enable notifications to Mattermost.\n1. Go to your project settings on CircleCI and add an Environment Variable with the name `WEBHOOK_URL` with the value:\n`http://\u003cmattermost_url\u003e/plugins/com.mattermost.circleci/api/v1/webhook?secret=\u003cwebhook_secret\u003e`\n    - Replace `\u003cmattermost_url\u003e` with your site URL, for example: `community.mattermost.com`\n    - Replace `\u003cwebhook_secret\u003e` with the secret generated in the first step\n\n### Generating Personal Access Token\n\n1. Go to CircleCI.\n1. Open your profile settings by clicking on your avatar on the bottom left.\n1. Select the option `Personal Access Token`.\n1. Click on `Create New Token`.\n1. Give it an identifiable name such as `Mattermost CircleCI Plugin`.\n1. Click on `Add API Token`.\n1. Make sure you copy the token as once you close the dialog, you cannot see the generated token again. \n\n### Subscribing to Notifications\n\n1. Go to the channel in which you want to subscribe to notifications for your project.\n1. Use the `/circleci subscribe` command to subscribe this channel to notifications.\n    - Usage: `/circleci subscribe \u003cVCS-Type\u003e \u003cOwner-Name\u003e \u003cRepo-Name\u003e`\n    - Example: `/circleci subscribe github chetanyakan mattermost-plugin-circleci`\n\n## Using the Plugin\n\nOnce you've generated the personal access token, run the `/circlec connect \u003cyour auth token\u003e` slash command from any channel within Mattermost to connect your Mattermost account with CircleCI.\n\n## Onboarding Your Users\n\nWhen you’ve tested the plugin and confirmed it’s working, notify your team so they can connect their CircleCI account to Mattermost and get started. Copy and paste the text below, edit it to suit your requirements, and send it out.\n\n\u003e Hi team, \n\n\u003e We've set up the Mattermost CircleCI plugin, so you can get notifications from CircleCI in Mattermost. To get started, run the `/circleci connect` slash command from any channel within Mattermost to connect your Mattermost account with CircleCI. Then, take a look at the [available features](#about-the-circleci-plugin) in the plugin for more details.\n\n## Development\n\nThis plugin contains a server portion. Read our documentation about the [Developer Workflow](https://developers.mattermost.com/extend/plugins/developer-workflow/) and [Developer Setup](https://developers.mattermost.com/extend/plugins/developer-setup/) for more information about developing and extending plugins.\n\n## Security Vulnerability Disclosure\n\nDo not post a GitHub ticket for security vulnerability. Please report any security vulnerability to `@harshilsharma63` or `@chetanyakan` on [Community Mattermost](https://community.mattermost.com). \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchetanyakan%2Fmattermost-plugin-circleci","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchetanyakan%2Fmattermost-plugin-circleci","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchetanyakan%2Fmattermost-plugin-circleci/lists"}