{"id":13483980,"url":"https://github.com/cla-assistant/cla-assistant","last_synced_at":"2025-05-15T12:06:21.199Z","repository":{"id":22862903,"uuid":"26210598","full_name":"cla-assistant/cla-assistant","owner":"cla-assistant","description":"Contributor License Agreement assistant (CLA assistant)","archived":false,"fork":false,"pushed_at":"2024-06-06T18:02:59.000Z","size":11321,"stargazers_count":1396,"open_issues_count":197,"forks_count":267,"subscribers_count":22,"default_branch":"main","last_synced_at":"2025-04-15T05:32:07.444Z","etag":null,"topics":["angular","cla","contributor-license-agreement","github","github-integration","nodejs"],"latest_commit_sha":null,"homepage":"https://cla-assistant.io","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cla-assistant.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-11-05T08:38:10.000Z","updated_at":"2025-04-15T04:43:56.000Z","dependencies_parsed_at":"2023-02-15T07:45:56.395Z","dependency_job_id":"b0e83c60-6c76-4774-99a8-5ed61de9583a","html_url":"https://github.com/cla-assistant/cla-assistant","commit_stats":{"total_commits":1211,"total_committers":72,"mean_commits":"16.819444444444443","dds":0.4409578860445913,"last_synced_commit":"f895b5cec206ee9d569042103d45a8b17f672f34"},"previous_names":[],"tags_count":58,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cla-assistant%2Fcla-assistant","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cla-assistant%2Fcla-assistant/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cla-assistant%2Fcla-assistant/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cla-assistant%2Fcla-assistant/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cla-assistant","download_url":"https://codeload.github.com/cla-assistant/cla-assistant/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254337613,"owners_count":22054253,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["angular","cla","contributor-license-agreement","github","github-integration","nodejs"],"created_at":"2024-07-31T17:01:17.520Z","updated_at":"2025-05-15T12:06:16.185Z","avatar_url":"https://github.com/cla-assistant.png","language":"JavaScript","readme":"\u003c!--\nSPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and CLA-assistant contributors\n\nSPDX-License-Identifier: Apache-2.0\n--\u003e\n\n[![CLA assistant](https://cla-assistant.io/readme/badge/cla-assistant/cla-assistant)](https://cla-assistant.io/cla-assistant/cla-assistant)\n[![Coverage Status](https://img.shields.io/coveralls/cla-assistant/cla-assistant.svg)](https://coveralls.io/r/cla-assistant/cla-assistant)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/1583/badge)](https://bestpractices.coreinfrastructure.org/projects/1583)\n[![CI/CDPipeline](https://github.com/cla-assistant/cla-assistant/actions/workflows/build.yml/badge.svg)](https://github.com/cla-assistant/cla-assistant/actions/workflows/build.yml)\n[![REUSE status](https://api.reuse.software/badge/github.com/cla-assistant/cla-assistant)](https://api.reuse.software/info/github.com/cla-assistant/cla-assistant)\n\n# Contributor License Agreement (CLA) assistant\n\nStreamline your workflow and let CLA assistant handle the legal side of contributions to a repository for you. CLA assistant enables contributors to sign CLAs from within a pull request.\n\nTo get started, simply store your CLA as a GitHub Gist file then link it with the repository/organization in CLA assistant. Then sit back and relax while CLA assistant:\n\n- Comments on each opened pull request to ask the contributor to sign the CLA\n- Allows contributors to sign a CLA from within a pull request\n- Authenticates the signee with their GitHub account\n- Updates the status of a pull request when the contributor agrees to the CLA\n- Automatically asks users to re-sign the CLA for each new pull request in the event the associated Gist \u0026 CLA has changed\n\nRepository owners can review a list of users who signed the CLA for each version of it. To get started, visit [cla-assistant.io](https://cla-assistant.io).\n\nWe also developed a [lite version](https://github.com/cla-assistant/github-action) of CLA Assistant using GitHub Actions which is in Alpha. You can checkout it out [here](https://github.com/cla-assistant/github-action).\n\n## Try\n\nCLA assistant is provided by [SAP](https://sap.com) as a free hosted offering under [cla-assistant.io](https://cla-assistant.io).\nPlease open a GitHub issue if you have feedback.\n\n## Request more information from the CLA signer\n\nIf you need to collect detailed information about your contributors you can add so called \"custom fields\" to your CLA.\nThis can be done by providing CLA assistant with some metadata that describes the data you are going to collect.\nCLA assistant will generate a form based on this metadata and contributors will be requested to fill out the form before they sign your CLA.\n\nFollowing steps need to be done:\n- Go to the Gist with your CLA and add a new file with name \"metadata\" ([like this](https://raw.githubusercontent.com/cla-assistant/cla-assistant/main/src/client/assets/images/add_custom_fields.gif))\n- describe custom fields in JSON format (according to the [JSON Schema](https://raw.githubusercontent.com/cla-assistant/cla-assistant/main/custom-fields-schema.json))\n\n```json\n{\n \"name\": {\n \"title\": \"Full Name\",\n \"type\": \"string\",\n \"githubKey\": \"name\"\n },\n \"email\": {\n \"title\": \"E-Mail\",\n \"type\": \"string\",\n \"githubKey\": \"email\",\n \"required\": true\n },\n \"age\": {\n \"title\": \"Age\",\n \"description\": \"Age in years\",\n \"type\": \"number\",\n \"minimum\": 18,\n \"maximum\": 99\n },\n \"agreement\": {\n \"title\": \"I have read and agree to the CLA\",\n \"type\": \"boolean\",\n \"required\": true\n },\n \"category\": {\n \"title\": \"How do you sign?\",\n \"type\": {\n \"enum\": [\n \"I am signing on behalf of myself.\",\n \"I am signing on behalf of my employer.\"\n ]\n },\n \"required\": true\n }\n}\n```\n\nYou can also define which of required information can be taken from user's GitHub account. In that case CLA assistant prefills the form with GitHub data.\nThe possible values for the \"githubKey\"-property can be found in the [GitHub-API description](https://developer.github.com/v3/users/#get-a-single-user).\n\n## FAQ\n\n#### Where is the list of signees stored?\n\nSince 27.08.2021 all data is stored in a Cosmos DB (MongoDB compatible) hosted on Microsoft Azure in Europe ([#740](https://github.com/cla-assistant/cla-assistant/issues/740)).\nBefore that all the data was stored in a MongoDB hosted by [mLab](https://mlab.com/).\n\n#### Where can I see the list of signees? Is there a way to import/export the signee data?\n\nYou can see the list of signees on the user interface. There is also a possibility for you to export the list as a .csv file.\n\n#### What should my Contributor License Agreement say?\n\nWe're no lawyers, but we can suggest using https://contributoragreements.org/ for a fill-in-the-blank approach to creating a CLA tailored to your needs.\n\n#### Who can I contact for help?\n\nIn case of problems or any further questions, please check our [general trouble shooting issue](https://github.com/cla-assistant/cla-assistant/issues/567) or [open an issue](https://github.com/cla-assistant/cla-assistant/issues/new). We always appreciate helpful tips and support for the project.\n\n#### How can I contribute?\n\nYou want to contribute to CLA Assistant? Welcome! Please read [here](https://github.com/cla-assistant/cla-assistant/blob/main/CONTRIBUTING.md).\n\n#### Can I allow bot user contributions?\n\nSince there's no way for bot users (such as Dependabot or Greenkeeper) to sign a CLA, you may want to allow their contributions without it. You can do so by importing their names (in this case `dependabot[bot]` and `greenkeeper[bot]`) in the CLA assistant dashboard.\n\n## Setup your own instance of CLA assistant\n\nClone this repository, change into the cloned directory and install dependencies.\n\n```sh\ngit clone https://github.com/cla-assistant/cla-assistant\ncd ./cla-assistant\nnpm install\n```\n\nPlease check the `package.json` for the supported and tested versions of node and npm.\n\n[Register an OAuth application on GitHub](https://github.com/settings/applications/new).\nThe callback URL needs to be of the form of `\u003cPROTOCOL\u003e://\u003cHOST\u003e:\u003cPORT\u003e/auth/github/callback`.\n\n\u003e **Note**: You can use [ngrok](https://ngrok.com/) to get a publicly accessible URL which redirects to your `localhost:5000` by executing the following command:\n\u003e\n\u003e ```sh\n\u003e ngrok http 5000\n\u003e ```\n\u003e \n\u003e If you use ngrok, you need to update the `HOST` variable in your `.env` file and set `PROTOCOL` to \"https\".\n\n\nCopy the sample configuration file `.env.example` file to `.env`.\n\n```sh\ncp .env.example .env\n```\n\nYou require a MongoDB or compatible database as a backend such as: \n- [Azure Cosmos DB](https://cosmos.azure.com)\n- [FerretDB](https://www.ferretdb.io) and [their blog post about using it with CLA Assistant](https://blog.ferretdb.io/using-cla-assistant-with-ferretdb/)\n\n\u003e **Note**: For development purposes you can run MongoDB in a docker container easily:\n\u003e\n\u003e ```sh\n\u003e docker run --detach --publish 27017:27017 mongo\n\u003e ```\n\u003e\n\u003e With that you need to adjust the `MONGODB` environment variable in the `.env` file to `mongodb://localhost:27017/cla_assistant`.\n\n**Setup GitHub App**\n\n- [Register an GitHub App](https://github.com/settings/apps/new) and add repository permissions for Pull Requests. \n- Copy the App Name, App ID, Client ID and Client Secret into the `.env`.\n- Generate a new private key, download it and add the contents to the `.env` file (`GITHUB_APP_PRIVATE_KEY`)\n\n\u003e **Note**: If your private key isn't recognized properly, you can try to fill the contents from a file:\n\u003e\n\u003e ```bash\n\u003e export GITHUB_APP_PRIVATE_KEY=\"$(cat key.pem)\"\n\u003e ```\n\n### Supported environment variables\n\nThe following are the environment variables you have to configure to run a private instance:\n\n| Name | Description |\n|-----------------------------|-----------------------------------------------------------------------------------------------------------|\n| `GITHUB_CLIENT` | The client ID for authenticating with the GitHub API. |\n| `GITHUB_SECRET` | The secret key for authenticating with the GitHub API. |\n| `GITHUB_TOKEN` | The access token for making authenticated requests to the GitHub API. |\n| `GITHUB_APP_NAME` | The name of the registered GitHub App. |\n| `GITHUB_APP_PRIVATE_KEY` | The contents of the private key for the registered GitHub App. |\n| `GITHUB_APP_ID` | The ID of the registered GitHub App. |\n| `GITHUB_APP_CLIENT` | The client ID of the registered GitHub App. |\n| `GITHUB_APP_SECRET` | The client secret of the registered GitHub App. |\n| `MONGODB` | The URI for the MongoDB database (e. g. `mongodb://\u003cuser\u003e:\u003cpassword\u003e@\u003chost\u003e:\u003cport\u003e/\u003cdbname\u003e`). |\n\n\nThese are optional environment variables:\n\n| Name | Description | Default |\n|-----------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------|\n| `GITHUB_PROTOCOL` | The protocol to use for GitHub API requests. | https |\n| `GITHUB_HOST` | The hostname of the GitHub server. | github.com |\n| `GITHUB_API_HOST` | The API hostname of the GitHub server. | api.github.com |\n| `GITHUB_VERSION` | The version of the GitHub API to use. | 3.0.0 |\n| `GITHUB_GRAPHQL` | The URL for accessing the GitHub GraphQL API. | https://api.github.com/graphql |\n| `GITHUB_ADMIN_USERS` | (comma-separated) If set, will only allow the specified GitHub users to administer this instance of the app. | |\n| `GITHUB_DELAY` | The delay in milliseconds to enforce on webhooks. | 5000 |\n| `TIME_TO_WAIT` | The time to wait between API calls to avoid rate limits (in milliseconds). | 1000 |\n| `PORT` | The local port to bind to. | 5000 |\n| `PROTOCOL` | The protocol to use for the CLA assistant (`http` or `https`). | http |\n| `HOST` | The hostname of the CLA assistant (without the protocol). | cla-assistant.io |\n| `HOST_PORT` | The port for the CLA assistant if it doesn't use standard HTTP ports. | |\n| `SESSION_SECRET` | The secret key for session encryption. | cla-assistant |\n| `SMTP_HOST` | The hostname of the SMTP server. | |\n| `SMTP_SSL` | Whether to use SSL/TLS for SMTP connections. | false |\n| `SMTP_PORT` | The port number for the SMTP server. | 465 |\n| `SMTP_USER` | The username for SMTP authentication. | |\n| `SMTP_PASS` | The password for SMTP authentication. | |\n| `SLACK_URL` | The URL for sending log notifications to Slack. | |\n| `SLACK_CHANNEL` | The name of the Slack channel to send log notifications to. | |\n| `LOGIN_PAGE_TEMPLATE` | The path to the login page HTML template. | |\n| `REQUIRED_SIGNEES` | | |\n| `ORG_OVERRIDE_ENABLED` | | |\n| `REQUEST_TRACE_HEADER_NAME` | Use the value of an HTTP-header to set the name. E.g. the request id set by an ingress controller via `X-Req-Id`. If not set or no HTTP-header is present a random uuid is used. | |\n| `LOG_TRACE_FIELD_NAME` | The log field name where the request trace ID is stored. | req_id |\n| `LOG_TRACE_PREFIX` | A prefix added to the request trace ID. | |\n\n\u003e **Hint:** For further reading on setting up MongoDB, check the \"[Getting Started](https://docs.mongodb.org/manual/tutorial/getting-started/)\" and [`db.createUser()` method](https://docs.mongodb.org/manual/reference/method/db.createUser).\n\nRun grunt in order to build the application.\n```sh\nnpx grund build\n```\n\nDuring development, just run the grunt default task to build the app, start linter checks and run unit tests on each change of relevant .js files.\n```sh\nnpx grunt\n```\n\nFinally, source the environment file and start the application.\n\n```sh\nsource .env\nnpm run start\n```\n\n### Quick start with Docker Compose\n\nTo get a CLA assistant instance quickly up you can as well use Docker compose:\n\n```sh\ngit clone https://github.com/cla-assistant/cla-assistant\ncd ./cla-assistant\n\ncp .env.example .env\n# Update GITHUB_CLIENT, GITHUB_SECRET and GITHUB_TOKEN with your values in .env\ndocker-compose up\n```\n\nNow you can navigate to `http://localhost:5000` and access your installation. To locally test webhooks you needs to expose it via e.g. `ngrok` as outlined above.\n\n### Run the CLA assistant instance with Docker\n\nTo run the CLA assistant instance with docker:\n\n```bash\ndocker build -t cla-assistant .\ndocker run -d -p 5000:5000 \\\n -e HOST=.. \\\n -e PORT=... \\\n cla-assistant\n```\n\nFor the list of supported environments see [supported environment variables](#supported-environment-variables).\n\n## License\n\nContributor License Agreement assistant\n\nCopyright (c) 2022 [SAP SE](https://www.sap.com) or an SAP affiliate company. All rights reserved.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n https://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n## Credits\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://user-images.githubusercontent.com/43786652/108909769-434e3b00-7625-11eb-9abb-53a5db3a3fa6.png\" title=\"SAP\" /\u003e\n\u003cp align=\"center\"\u003e\n","funding_links":[],"categories":["JavaScript","JavaScript (71)","Uncategorized","Contributor License Agreements","Contributor License Agreements / Developer Certificate of Origins"],"sub_categories":["Uncategorized"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcla-assistant%2Fcla-assistant","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcla-assistant%2Fcla-assistant","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcla-assistant%2Fcla-assistant/lists"}