{"id":34553323,"url":"https://github.com/fastai/tweetrel","last_synced_at":"2025-12-24T08:18:13.729Z","repository":{"id":62585675,"uuid":"317971229","full_name":"fastai/tweetrel","owner":"fastai","description":"Use GitHub Actions to send a tweet when you make a new release","archived":false,"fork":false,"pushed_at":"2020-12-14T17:35:19.000Z","size":1126,"stargazers_count":18,"open_issues_count":1,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-08T18:29:11.356Z","etag":null,"topics":["github","github-actions","nbdev","release-automation","twitter","twitter-api"],"latest_commit_sha":null,"homepage":"https://fastai.github.io/tweetrel/","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fastai.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-12-02T19:37:03.000Z","updated_at":"2024-01-04T16:52:46.000Z","dependencies_parsed_at":"2022-11-03T20:20:18.487Z","dependency_job_id":null,"html_url":"https://github.com/fastai/tweetrel","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":"fastai/nbdev_template","purl":"pkg:github/fastai/tweetrel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastai%2Ftweetrel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastai%2Ftweetrel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastai%2Ftweetrel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastai%2Ftweetrel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fastai","download_url":"https://codeload.github.com/fastai/tweetrel/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastai%2Ftweetrel/sbom","scorecard":{"id":393262,"data":{"date":"2025-08-11","repo":{"name":"github.com/fastai/tweetrel","commit":"34a5e73fc8db3af966e402d687a26fdd6cff053f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/22 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/tweet.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tweet.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/fastai/tweetrel/tweet.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tweet.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/fastai/tweetrel/tweet.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/tweet.yml:21","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":0,"reason":"41 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-cr5q-6q9f-rq6q","Warn: Project is vulnerable to: GHSA-j6gc-792m-qgm2","Warn: Project is vulnerable to: GHSA-pj73-v5mw-pm9j","Warn: Project is vulnerable to: GHSA-jxhc-q857-3j6g","Warn: Project is vulnerable to: GHSA-48wp-p9qv-4j64","Warn: Project is vulnerable to: GHSA-4qw4-jpp4-8gvp","Warn: Project is vulnerable to: GHSA-636f-xm5j-pj9m","Warn: Project is vulnerable to: GHSA-7vh7-fw88-wj87","Warn: Project is vulnerable to: GHSA-fmx4-26r3-wxpf","Warn: Project is vulnerable to: GHSA-52p9-v744-mwjj","Warn: Project is vulnerable to: GHSA-286v-pcf5-25rc","Warn: Project is vulnerable to: GHSA-2qc6-mcvw-92cw","Warn: Project is vulnerable to: GHSA-2rr5-8q37-2w7h","Warn: Project is vulnerable to: GHSA-353f-x4gh-cqq8","Warn: Project is vulnerable to: GHSA-59gp-qqm7-cw4j","Warn: Project is vulnerable to: GHSA-5w6v-399v-w3cc","Warn: Project is vulnerable to: GHSA-7rrm-v45f-jp64","Warn: Project is vulnerable to: GHSA-cgx6-hpwq-fhv5","Warn: Project is vulnerable to: GHSA-crjr-9rc5-ghw8","Warn: Project is vulnerable to: GHSA-fq42-c5rg-92c2","Warn: Project is vulnerable to: GHSA-gx8x-g87m-h5q6","Warn: Project is vulnerable to: GHSA-jc36-42cf-vqwj","Warn: Project is vulnerable to: GHSA-jw9f-hh49-cvp9","Warn: Project is vulnerable to: GHSA-mrxw-mxhj-p664","Warn: Project is vulnerable to: GHSA-pxvg-2qj5-37jq","Warn: Project is vulnerable to: GHSA-r95h-9x8f-r3f7","Warn: Project is vulnerable to: GHSA-v4f8-2847-rwm7","Warn: Project is vulnerable to: GHSA-v6gp-9mmm-c6p5","Warn: Project is vulnerable to: GHSA-vr8q-g5c7-m54m","Warn: Project is vulnerable to: GHSA-vvfq-8hwr-qm4m","Warn: Project is vulnerable to: GHSA-xc9x-jj77-9p9j","Warn: Project is vulnerable to: GHSA-xh29-r2w5-wx8m","Warn: Project is vulnerable to: GHSA-xxx9-3xcr-gjj3","Warn: Project is vulnerable to: GHSA-2rxp-v6pw-ch6m","Warn: Project is vulnerable to: GHSA-4xqq-m2hx-25v8","Warn: Project is vulnerable to: GHSA-5866-49gr-22v4","Warn: Project is vulnerable to: GHSA-8cr8-4vfw-mr7h","Warn: Project is vulnerable to: GHSA-r55c-59qm-vjw6","Warn: Project is vulnerable to: GHSA-vg3r-rm7w-2xgh","Warn: Project is vulnerable to: GHSA-vmwr-mc7x-5vc3","Warn: Project is vulnerable to: GHSA-5cm2-9h8c-rvfx"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T18:21:18.404Z","repository_id":62585675,"created_at":"2025-08-18T18:21:18.404Z","updated_at":"2025-08-18T18:21:18.404Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27998479,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-24T02:00:07.193Z","response_time":83,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github","github-actions","nbdev","release-automation","twitter","twitter-api"],"created_at":"2025-12-24T08:18:07.588Z","updated_at":"2025-12-24T08:18:13.715Z","avatar_url":"https://github.com/fastai.png","language":"Jupyter Notebook","readme":"# How to tweet your releases\n\u003e Send a tweet to let people know when you release software on GitHub.\n\n\nIt's great to release software. And even better when people actually know about it!\n\nOne way to let people know about your new software releases is to tell them on Twitter. But we're software developers, not social media managers -- so that means we *automate all the things*.\n\nWith tweetrel, you can have GitHub send a tweet for you whenever you make a release.\n\n## Install\n\n`pip install tweetrel`\n\n## How to use\n\nFirst, you need to add your Twitter API details as [GitHub secrets](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets). You'll need to sign up for a [Twitter API](https://developer.twitter.com/en/docs) account if you don't already have one. Once you've signed up, Twitter will give you four keys: `consumer_key`, `consumer_secret`, `access_token`, and `access_token_secret`. Create a new secret called `TWITTER`, and paste those four keys in, with a space between each one.\n\nIf you need to send Tweets on behalf of a different user to the one attached to your login, you'll need to authenticate with Twitter as that user. Run `tweetrel-auth` in your terminal and follow the instructions, and it will give you the `access_token` and `access_token_secret` you need -- paste them (after a space) after your `consumer_key` and `consumer_secret` and that will let you send tweets as the user you authenticated as.\n\nNext, in your terminal, `cd` to the root of your repo, and then run:\n\n```bash\ntweetrel-install\n```\n\nThat will set `tweetrel` up for you to run automatically upon release. You'll see two folders added to your `.github` folder, containing the YAML workflow and python script. No additional setup is needed, other than pushing these to GitHub:\n\n```bash\ngit add -A .github\ngit commit -am 'Add tweetrel`\ngit push\n```\n\nYou can test this without actually making a release by going to your GitHub repo in your browser, clicking the *Actions* tab, then clicking on the *tweet* action, and clicking the *run workflow* button. That will use GitHub's example release payload for testing.\n\nOnce you've confirmed it's working, try making a release on GitHub, and check that you see the green tick in the Actions tab showing a successful run of the *tweet* action.\n\n## Customization\n\nAs you'll see, the default template is:\n\n    New #{repo} release: v{tag_name}. {html_url}\\n\\n{body}\n\nYou can customize that by setting the `TWEETREL_TEMPLATE` environment variable. For instance, add this (with suitable indentation) to the `env:` section of your workflow YAML file:\n\n```bash\nTWEETREL_TEMPLATE: |\n  We are proud to announce the {tag_name} release of {repo}.\n  \n  For more, see: {html_url}. Here are the details:\n  {body}\n```\n\nThe `|` is the YAML character that indicates a multiline string. The sections in `{...}` are the Python formatting template variables that will be replaced by the details of your release. You don't need to include all of them if you don't want them.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffastai%2Ftweetrel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffastai%2Ftweetrel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffastai%2Ftweetrel/lists"}