{"id":16099265,"url":"https://github.com/kagof/trello-link-github-action","last_synced_at":"2026-04-28T08:03:31.142Z","repository":{"id":65160433,"uuid":"414741419","full_name":"kagof/trello-link-github-action","owner":"kagof","description":"GitHub action to link a commit, pull request, or issue to a Trello card","archived":false,"fork":false,"pushed_at":"2023-08-14T11:24:22.000Z","size":213,"stargazers_count":1,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-04-14T10:22:15.601Z","etag":null,"topics":["action","actions","power-up","trello","trello-api"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kagof.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-10-07T20:02:54.000Z","updated_at":"2025-05-09T15:40:40.000Z","dependencies_parsed_at":"2024-10-09T18:26:40.433Z","dependency_job_id":"ba411b02-a560-4104-a1b3-6b7696cb776e","html_url":"https://github.com/kagof/trello-link-github-action","commit_stats":{"total_commits":6,"total_committers":2,"mean_commits":3.0,"dds":"0.33333333333333337","last_synced_commit":"5bea6869de182a02a633b615478a6bbf26fc0528"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/kagof/trello-link-github-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kagof%2Ftrello-link-github-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kagof%2Ftrello-link-github-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kagof%2Ftrello-link-github-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kagof%2Ftrello-link-github-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kagof","download_url":"https://codeload.github.com/kagof/trello-link-github-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kagof%2Ftrello-link-github-action/sbom","scorecard":{"id":547398,"data":{"date":"2025-08-11","repo":{"name":"github.com/kagof/trello-link-github-action","commit":"5bea6869de182a02a633b615478a6bbf26fc0528"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/6 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/kagof/trello-link-github-action/test.yml/main?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"16 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-7r3h-m5j6-3q42","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q","Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T09:53:12.545Z","repository_id":65160433,"created_at":"2025-08-20T09:53:12.545Z","updated_at":"2025-08-20T09:53:12.545Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32371673,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-27T20:07:02.737Z","status":"online","status_checked_at":"2026-04-28T02:00:07.250Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["action","actions","power-up","trello","trello-api"],"created_at":"2024-10-09T18:26:37.017Z","updated_at":"2026-04-28T08:03:31.124Z","avatar_url":"https://github.com/kagof.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Trello Link GitHub Action\n\n![Latest Release](https://img.shields.io/github/v/release/kagof/trello-link-github-action)\n\nView on the [GitHub Marketplace](https://github.com/marketplace/actions/trello-link-github-action)\n\nTrello has a [Power-Up to link GitHub commits, pull requests, branches, or issues to a card](https://trello.com/power-ups/55a5d916446f517774210004/github), however, this must be done manually. This action allows you to link a commit, pull request, or issue to a Trello card automatically by using Trello card identifiers in a commit message, pull request title or body, or issue title or body.\n\nThe Trello card `id`, `shortLink`, or `idShort` may be used in the tag. The `idShort` (ie, card number) is the easiest to use (in my opinion), assuming you use the Card Number plugin as described [here](#trello-board).\n\n## Usage\n\n### GitHub Repository Action\n\nIn your repository, create an action workflow with the following step:\n\n```yaml\n- name: Link to Trello\n  uses: kagof/trello-link-github-action@v1.1.0\n  with:\n    # Required.\n    # Allowed to be one of the following:\n    # 1. the board name\n    # 2. the board shortLink (can be found in the URL)\n    # 3. the boardId (can be found via the Trello REST API)\n    board-identifier: \"${{ secrets.BOARD_IDENTIFIER }}\"\n    # Required\n    # Secret token used to contact Trello\n    trello-token: \"${{ secrets.TRELLO_TOKEN }}\"\n    # Optional (default 'TRELLO-')\n    # When preceding a string in a commit message or PR body or title,\n    # indicates that the string is a Trello shortId.\n    # May be either:\n    # 1. an alpha string, eg TRELLO\n    # 2. an alpha string followed by a dash, eg TRELLO-\n    # 3. one of the characters ! @ # $ % ^ \u0026 * + = (note: must be exactly 1 char long)\n    marker: 'TRELLO-'\n```\n\nThis action may be triggered on commits, pull requests, or issues.\n\n#### Token\n\nA Trello token is required for this action. To generate it, visit https://trello.com/1/authorize?response_type=token\u0026scope=read,write\u0026name=Trello+Link+GitHub+Action+Token\u0026expiration=never\u0026key=09045f0c83d151e8d48ec9feb99e78ae in your browser, or adjust the name and expiration parameters in this URL to your liking.\n\n**KEEP THIS TOKEN SECRET**. It can be used to change or read data on any of the Trello boards you have access to. You should add it as a secret in your repository.\n\nYou may revoke this token at any time from your account settings page in Trello.\n\n### Trello Board\n\nIn your Trello board, it is recommended that you add the following Power-Ups:\n\n1. [Card Numbers by Reenhanced](https://trello.com/power-ups/59c3d177178a761767b49278/card-numbers-by-reenhanced) - this lets you easily see the Trello card's shortId.\n2. [GitHub](https://trello.com/power-ups/55a5d916446f517774210004/github) - this completes the integration with Trello\n\nAfter doing so and properly configuring them, your cards will look something like this:\n\n![Example Card](eg/example-card.png)\n\nNote the `#19` - this is the Trello shortId for this card.\n\n### Commits, Pull Requests, and Issues\n\nWhen opening commits, put your tag anywhere in the commit message. When opening pull requests or issues, place it anywhere in your title or body.\n\nAs long as there is a word break, your tag will be picked up. If your marker is a special character, the word break is not necessary. Multiple tags are allowed. Tags can use the card `id`, `idShort`, or `shortLink`.\n\nFor Example, if your marker is `TRELLO-`:\n\n#### Valid\n\n* `TRELLO-19 fixes that problem`\n* `TRELLO-19: fixes that problem`\n* `TRELLO-1234567890abcdefg1234567 using the card ID`\n* `TRELLO-AbcDeFga using the card shortLink`\n* `fixes TRELLO-19 and TRELLO-18`\n* `fix/TRELLO-19-fix-the-stuff`\n* `TRELLO-19,TRELLO-18`\n\n#### Invalid\n\n* `fixTRELLO-19`\n* `TRELLO-19fixes`\n\n## Known Shortcomings\n\n* If this action runs on a pull request, the commits in the PR are not considered during the run. This can be worked around by running the action on commits as well.\n* Branch are not (yet?) considered\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkagof%2Ftrello-link-github-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkagof%2Ftrello-link-github-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkagof%2Ftrello-link-github-action/lists"}