{"id":17241763,"url":"https://github.com/j256/test-check-publisher-maven-plugin","last_synced_at":"2026-05-03T19:33:46.746Z","repository":{"id":54428337,"uuid":"328548777","full_name":"j256/test-check-publisher-maven-plugin","owner":"j256","description":"Maven plugin designed to take tests results produced by continuous integration systems and publish them to github as a \"check\" annotation on a particular commit.","archived":false,"fork":false,"pushed_at":"2026-03-03T23:41:43.000Z","size":148,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-04T02:37:33.410Z","etag":null,"topics":["checks","github","github-checks","maven-plugin","unit-tests"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/j256.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"j256","patreon":"j256"}},"created_at":"2021-01-11T04:32:08.000Z","updated_at":"2026-03-03T23:41:45.000Z","dependencies_parsed_at":"2022-08-13T15:20:34.506Z","dependency_job_id":null,"html_url":"https://github.com/j256/test-check-publisher-maven-plugin","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/j256/test-check-publisher-maven-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j256%2Ftest-check-publisher-maven-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j256%2Ftest-check-publisher-maven-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j256%2Ftest-check-publisher-maven-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j256%2Ftest-check-publisher-maven-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/j256","download_url":"https://codeload.github.com/j256/test-check-publisher-maven-plugin/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j256%2Ftest-check-publisher-maven-plugin/sbom","scorecard":{"id":499850,"data":{"date":"2025-08-11","repo":{"name":"github.com/j256/test-check-publisher-maven-plugin","commit":"1c468b0d3ce7790b1bd3e59cb9adf9f2ee0c3ccd"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.9,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: ISC License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-3x8x-79m2-3w2w","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-3f7h-mf4q-vrm4","Warn: Project is vulnerable to: GHSA-4jrv-ppp4-jm57","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T21:31:58.447Z","repository_id":54428337,"created_at":"2025-08-19T21:31:58.447Z","updated_at":"2025-08-19T21:31:58.447Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32582779,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["checks","github","github-checks","maven-plugin","unit-tests"],"created_at":"2024-10-15T06:11:10.733Z","updated_at":"2026-05-03T19:33:46.740Z","avatar_url":"https://github.com/j256.png","language":"Java","funding_links":["https://github.com/sponsors/j256","https://patreon.com/j256"],"categories":[],"sub_categories":[],"readme":"Test Check Publisher Maven Plugin\n=================================\n\n[![Maven Central](https://img.shields.io/maven-central/v/com.j256.simplejmx/simplejmx?style=flat-square)](https://mvnrepository.com/artifact/com.j256.testcheckpublisher/testcheckpublisher/latest)\n[![javadoc](https://javadoc.io/badge2/com.j256.testcheckpublisher/test-check-publisher-maven-plugin/javadoc.svg)](https://javadoc.io/doc/com.j256.testcheckpublisher/test-check-publisher-maven-plugin)\n[![CircleCI](https://circleci.com/gh/j256/test-check-publisher-maven-plugin.svg?style=svg)](https://circleci.com/gh/j256/test-check-publisher-maven-plugin) [![CodeCov](https://img.shields.io/codecov/c/github/j256/test-check-publisher-maven-plugin.svg)](https://codecov.io/github/j256/test-check-publisher-maven-plugin/)\n\nThis maven plugin is designed to take tests results produced by continuous integration and publish\nthem to github as a \"check\" annotation on a particular commit.  For the full instructions about how\nto get this working, see the\n[Test Check Publisher Github application](https://github.com/apps/test-check-publisher).\n\n* The source code be found on the [git repository](https://github.com/j256/test-check-publisher-maven-plugin).\n* Maven packages are published via [Maven Central](https://mvnrepository.com/artifact/com.j256.testcheckpublisher/testcheckpublisher/latest)\n* Documentation: [javadoc](https://javadoc.io/doc/com.j256.testcheckpublisher/test-check-publisher-maven-plugin)\n\nYou need to add the test-check-publisher integration to your repository and then add something like\nthe following to your `pom.xml` file in the `build`, `plugins` section:\n\n\t\u003cplugin\u003e\n\t\t\u003cgroupId\u003ecom.j256.testcheckpublisher\u003c/groupId\u003e\n\t\t\u003cartifactId\u003etest-check-publisher-maven-plugin\u003c/artifactId\u003e\n\t\t\u003cversion\u003e1.6\u003c/version\u003e\n\t\u003c/plugin\u003e\n\nAfter you have run your unit tests, you need to execute:\n\n\tmvn test-check-publisher:publish\n\n# Examples\n\nHere are some examples of output from github:\n\n* [Simulated errors](https://github.com/j256/test-check-publisher-maven-plugin/runs/1916045608)\n\n# Extensions\n\nRight now the plugin is pretty limited to Java/surefire results but the system has been built to be more generic.  If\nyou have a testing framework that you'd like it to support, please\n[add an issue](https://github.com/j256/test-check-publisher-maven-plugin/issues).  All that is required is the reading\nin test results and posting something like the following JSON entity to the server.\n\n```\n{\n  \"magic\": 237347409389423823,\n  \"owner\": \"owner\",\n  \"repository\": \"repo\",\n  \"commitSha\": \"sha\",\n  \"secret\": \"secret env value from installation\",\n  \"results\": {\n    \"name\": \"Test results name\",\n    \"numTests\": 10,\n    \"numFailures\": 1,\n    \"numErrors\": 2,\n    \"numSkipped\": 0,\n    \"fileResults\": [\n      {\n        \"path\": \"path/to/file1.java\",\n        \"startLineNumber\": 101,\n        \"endLineNumber\": 101,\n        \"testLevel\": \"ERROR\",\n        \"timeSeconds\": 0.1,\n        \"testName\": \"testName\",\n        \"message\": \"assert error\",\n        \"details\": \"more details here\"\n      }\n    ],\n  }\n}\n```\n\n# Screenshots\n\nThe following image shows an example of the output that you would see on Github associated with a particular commit.\nThis could provide more information if your Continuous Integration run failed because of a unit test issue.\n\n![Example of output showing how unit test lines in the commit are annotated.](https://marketplace-screenshots.githubusercontent.com/9010/2d1d8680-6b1f-11eb-9f76-cce7353daef8)\n![If a unit test fails that isn't in the commit, the file and line are displayed above for reference.](https://marketplace-screenshots.githubusercontent.com/9010/3ee24100-60be-11eb-8cfd-415a6caad49a)\n\n# Configuration\n\nThe maven plugin supports a couple of configuration parameters:\n\n\t\u003cplugin\u003e\n\t\t\u003cgroupId\u003ecom.j256.testcheckpublisher\u003c/groupId\u003e\n\t\t\u003cartifactId\u003etest-check-publisher-maven-plugin\u003c/artifactId\u003e\n\t\t\u003cconfiguration\u003e\n\t\t\t\u003cfield\u003evalue\u003c/field\u003e\n\t\t\u003c/configuration\u003e\n\t\u003c/plugin\u003e\n\n| Field | Default | Description |\n| ----- | ------- | ----------- |\n| serverUrl | See TestCheckPubMojo.java | URL of the server if you are running your own instance. |\n| maxNumResults | 50 | Maximum number of check results to post up to an internal limit of 500. |\n| secretEnvName | TEST_CHECK_PUBLISHER_SECRET | Name of the environmental variable holding the secret. |\n| secretValue | none | Should not be used for security reasons.  See secretEnvName. |\n| framework | SUREFIRE | Name of the framework to use to read in test results. |\n| context | detected | Name of the context to use to find git owner/repo/commit-sha. |\n| testReportDir | none | Directory holding the tests.  The framework can have a default. |\n| sourceDir | . | Directory holding the sources so we can find file paths. |\n| verbose | false | Verbose log output if mvn -X is used. |\n| format | none | Comma separated tokens that affect the resulting github checks format.  See below. |\n| ignorePass | false | Do not post any information about tests that pass. |\n| failOnError | true | Throw an exception and stop on error. Set to false to continue the build on error. |\n\n# Format Tokens\n\nIn the configuration for the plugin, you can specify a comma separated list of tokens which affect the resulting\ncheck annotations and details formatting. \n\nThe following tokens are supported:\n\n| Token | Default | Description |\n| ----- | ------- | ----------- |\n| nodetails | false | Do not write any entries into the details section at the top. |\n| noannotate | false | Don't write any annotations.  Only update the details section at the top. |\n| nopass | false | Do not emit annotations or details if the tests pass. |\n| alwaysannotate | false | Always emit annotations even if the test was not part of the commit. |\n| noemoji | false | Do not show the emoji at the front of each details section. |\n| passdetails | false | Write details for passing tests as well. |\n\nThere are two different checks output sections.  Closer to the top of the page is a details section which is used to\nprovide details of the check in markdown.  Below it is the annotations section where file and line-number is annotated\nwith the results of a test.  The problem is that not all of the files and line-numbers are shown in the commit.  You\nmight make a change to your code and fail a test that hasn't been touched in months and the annotation will look good\nbut the link to the file/line will be broken.  The server tries to detect this and writes some of the results into the\ndetails section and some into the annotations based on whether or not it was involved in the commit.  It's not perfect.\n\nIf you want all of your test results in the annotations section then you should use the `nodetails` token.  If you\nthink that the details looks good, you might try `noannotate`.  If you want to see the passing tests as well in the\ndetails section then you might want to add `alldetails`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fj256%2Ftest-check-publisher-maven-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fj256%2Ftest-check-publisher-maven-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fj256%2Ftest-check-publisher-maven-plugin/lists"}