{"id":28494540,"url":"https://github.com/insolite/mergeit","last_synced_at":"2026-05-05T18:38:52.264Z","repository":{"id":57440902,"uuid":"56977270","full_name":"insolite/mergeit","owner":"insolite","description":"GIT merge bot with branch dependencies, merge preprocessing and hooks","archived":false,"fork":false,"pushed_at":"2017-02-06T08:59:59.000Z","size":72,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-22T16:55:35.503Z","etag":null,"topics":["bot","ci","git","gitlab","merge"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/insolite.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-04-24T14:55:31.000Z","updated_at":"2018-04-10T13:41:04.000Z","dependencies_parsed_at":"2022-09-02T08:14:42.661Z","dependency_job_id":null,"html_url":"https://github.com/insolite/mergeit","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/insolite/mergeit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insolite%2Fmergeit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insolite%2Fmergeit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insolite%2Fmergeit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insolite%2Fmergeit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/insolite","download_url":"https://codeload.github.com/insolite/mergeit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insolite%2Fmergeit/sbom","scorecard":{"id":489759,"data":{"date":"2025-08-11","repo":{"name":"github.com/insolite/mergeit","commit":"27ca0eacab9b1d2fe6bafe5a43184a80e6169cb5"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"24 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2023-120 / GHSA-45c4-8wx5-qw6w","Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84","Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g","Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr","Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: PYSEC-2023-246 / GHSA-gfw2-4jvh-wgfg","Warn: Project is vulnerable to: GHSA-pjjw-qhg8-p2p9","Warn: Project is vulnerable to: PYSEC-2023-250 / GHSA-q3qx-c6g2-7pw2","Warn: Project is vulnerable to: PYSEC-2023-251 / GHSA-qvrw-v9rv-5rjx","Warn: Project is vulnerable to: PYSEC-2021-76 / GHSA-v6wp-4m6f-gcjg","Warn: Project is vulnerable to: PYSEC-2023-247 / GHSA-xx9p-xxvh-7g8j","Warn: Project is vulnerable to: PYSEC-2024-4 / GHSA-2mqj-m65w-jghx","Warn: Project is vulnerable to: PYSEC-2023-165 / GHSA-cwvm-v4w8-q58c","Warn: Project is vulnerable to: PYSEC-2022-42992 / GHSA-hcpj-qp55-gfph","Warn: Project is vulnerable to: PYSEC-2023-137 / GHSA-pr76-5cm5-w9cj","Warn: Project is vulnerable to: PYSEC-2023-161 / GHSA-wfm5-v35h-vwf4","Warn: Project is vulnerable to: PYSEC-2021-142 / GHSA-8q59-q68h-6hv4","Warn: Project is vulnerable to: PYSEC-2018-49 / GHSA-rprw-h62v-c2w7","Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T18:46:14.524Z","repository_id":57440902,"created_at":"2025-08-19T18:46:14.524Z","updated_at":"2025-08-19T18:46:14.524Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279012990,"owners_count":26085221,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-12T02:00:06.719Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bot","ci","git","gitlab","merge"],"created_at":"2025-06-08T10:07:02.058Z","updated_at":"2025-10-12T21:18:41.922Z","avatar_url":"https://github.com/insolite.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"=======\nmerGeIT\n=======\n\nGIT auto merge tool\n\n.. image:: https://travis-ci.org/insolite/mergeit.svg?branch=master\n  :target: https://travis-ci.org/insolite/mergeit\n  :alt: Build status\n\n.. image:: https://codecov.io/github/insolite/mergeit/branch/master/graph/badge.svg\n  :target: https://codecov.io/github/insolite/mergeit\n  :alt: Test coverage\n\nOverview\n========\n\nmerGeIT allows to handle git push events and do automatic merges\naccording to configured branch dependencies.\n\nHow it works\n============\n\nFirst of all you define branch dependencies in a way *\"source-target branches\"*.\nThe *source* branch is defined as regular expression.\nAll *target* branches are defined as list under *source* branch section.\n\nOptionally filters and hooks can be defined for each dependency.\nFilters can cancel merge or change target branch before merge depending on push event info.\nHooks are mostly used to send notifications about merge result,\nclose tasks in task manager or cancel push merge if i. e. unittests fails.\n\nWhen push event occurs on some branch, push handler matches name of this branch\nacross all patterns and runs *merge process* for *source* into *target*.\nThe *merge process* is completed in 3 steps:\n\n* Executing filters\n* Actual GIT merge operation\n* Executing hooks\n* GIT push operation\n\nBoth filters and hooks has ability to cancel *merge process*.\n\nFeatures\n========\n\n * **Branch dependencies** using regexp for source (push) branch matching and list of target (merge) branches\n * **Filters** to control merging flow with specific logic\n * **Hooks** to notify about success/fail merge events\n\nConfig\n======\n\nFor each project (repo) there should be one YAML config that defines all branch dependencies and filters/hooks definitions/uses.\n\nThe following example explains how to set up simple scheme \"Keep *develop* branch up-to-date with *master* updates\":\n\n.. code-block:: yaml\n    dependencies:\n      '^master$':\n        targets:\n            - develop\n\nCustom filters and hooks\n========================\n\nmerGeIT comes with some helpful filters and hooks for Redmine and GitLab located in **extras** module. You can implement similar things for any other software you use. Also, feel free to make pull request to add them to merGeIT repo ;)\n\nUsage\n=====\n\nRun hook handle server:\n\n.. code-block:: bash\n\n    mergeit -H 0.0.0.0 -p 1234 -sh 0.0.0.0 -sp 1235 -c config_samples/full.yaml -l test-repo\n\nDisplay help:\n\n.. code-block:: bash\n\n    mergeit -h\n\nRun shell (for manual commands):\n\n.. code-block:: bash\n\n    mergeit-shell -c config_samples/full.yaml -l test.log\n\nConnect to server's same shell via telnet (while mergeit server running):\n\n.. code-block:: bash\n\n    telnet localhost 1235\n\nSimplest config example\n=======================\n\nComing soon\n\nInstall\n=======\n\nInstall package:\n\n.. code-block:: bash\n\n    python3 setup.py install\n\nRun tests (optionally):\n\n.. code-block:: bash\n\n    python3 -m unittest discover tests\n\nTODO\n====\n\n* Add support for raw git push hooks (not only gitlab)\n* Add ability to configure git remotes somehow\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finsolite%2Fmergeit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finsolite%2Fmergeit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finsolite%2Fmergeit/lists"}