{"id":13850778,"url":"https://github.com/ogarcia/trellowarrior","last_synced_at":"2026-04-01T19:14:26.555Z","repository":{"id":53143938,"uuid":"45689668","full_name":"ogarcia/trellowarrior","owner":"ogarcia","description":"Tool to sync Taskwarrior projects with Trello boards","archived":false,"fork":false,"pushed_at":"2024-06-12T06:35:27.000Z","size":147,"stargazers_count":106,"open_issues_count":0,"forks_count":19,"subscribers_count":8,"default_branch":"master","last_synced_at":"2026-03-28T00:41:40.611Z","etag":null,"topics":["sync","task","taskwarrior","todo","trello"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ogarcia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"ogarcia"}},"created_at":"2015-11-06T15:23:54.000Z","updated_at":"2026-02-06T19:10:43.000Z","dependencies_parsed_at":"2024-07-20T02:20:58.249Z","dependency_job_id":"3f6b8e62-638d-4e81-8799-1d1cfeac8cda","html_url":"https://github.com/ogarcia/trellowarrior","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/ogarcia/trellowarrior","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ogarcia%2Ftrellowarrior","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ogarcia%2Ftrellowarrior/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ogarcia%2Ftrellowarrior/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ogarcia%2Ftrellowarrior/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ogarcia","download_url":"https://codeload.github.com/ogarcia/trellowarrior/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ogarcia%2Ftrellowarrior/sbom","scorecard":{"id":703174,"data":{"date":"2025-08-11","repo":{"name":"github.com/ogarcia/trellowarrior","commit":"ab9ac3f52a1ac681fc292de9f8a230b741edae66"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.1,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/ogarcia/trellowarrior/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/ogarcia/trellowarrior/python-publish.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:20","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:21","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Code-Review","score":1,"reason":"Found 4/27 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/python-publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 7 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T05:42:46.931Z","repository_id":53143938,"created_at":"2025-08-22T05:42:46.932Z","updated_at":"2025-08-22T05:42:46.932Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31291111,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["sync","task","taskwarrior","todo","trello"],"created_at":"2024-08-04T21:00:18.305Z","updated_at":"2026-04-01T19:14:26.507Z","avatar_url":"https://github.com/ogarcia.png","language":"Python","funding_links":["https://github.com/sponsors/ogarcia"],"categories":["Python"],"sub_categories":[],"readme":"# TrelloWarrior\n\nTool to sync Taskwarrior projects with Trello boards.\n\n## Requirements\n\n### In Taskwarrior\n\nFirst for all you need configure some UDAs in Taskwarrior to store some\nTrello data. This is very, very, very important. If you dont have the UDAs\nconfigured before run TrelloWarrior you'll destroy your Taskwarrior tasks\ndata.\n\nTo set UDAs in Taskwarrior simply edit `.taskrc` and add the following\nlines.\n\n```\n# UDAs\nuda.trelloid.type=string\nuda.trelloid.label=Trello ID\nuda.trellolistname.type=string\nuda.trellolistname.label=Trello List Name\n```\n\nThe first UDA `trelloid` is used to store the Trello Card ID and establish\nan equivalence between Trello Cards and Taskwarrior Tasks. Note that you\nnever, never, never, never, (period), should edit this field.\n\nThe second UDA `trellolistname` is used to determine the Trello List where\nthe Card/Task is stored. You can edit this field without problems to move\nthe task to another list.\n\n### For TrelloWarrior\n\n#### Prepare the environment\n\n##### In Arch Linux\n\nTrelloWarrior is packaged in\n[AUR](https://aur.archlinux.org/packages/trellowarrior), to obtain it simply\nuse your AUR helper. For example with [yay](https://github.com/jguer/yay):\n\n```\nyay -S trellowarrior\n```\n\nOr if you prefer a fully binary package you can configure [Connectical Arch\nLinux repository](https://repo.connectical.com/).\n\n##### The easy way\n\nSimply create a Python 3 virtualenv and install [via\npip](https://pypi.org/project/trellowarrior/):\n\n```\npython3 -m venv trw\n. trw/bin/activate\npython3 -m pip install trellowarrior\n```\n\n##### By hand\n\nFor run TrelloWarrior you need to install\n[tasklib](https://github.com/robgolding63/tasklib) and\n[py-trello](https://github.com/sarumont/py-trello). TrelloWarrior uses these\nPython helpers to comunicate with Taskwarrior and Trello.\n\nYou can use your package system to install it, but the best way is to use\na Python 3 virtualenv:\n\n```sh\npython3 -m venv trw\n. trw/bin/activate\npython3 -m pip install tasklib\npython3 -m pip install py-trello\n```\n\n#### Get the keys\n\nTrelloWarrior access to Trello via API. You need generate an access token\nfor it.\n\nFirst go to: https://trello.com/app-key to get your API Key and API Secret.\n\nThen call TrelloWarrior with the authenticate command:\n\n```sh\ntrellowarrior auth --api-key your_api_key --api-key-secret your_api_secret --expiration 30days --name TrelloWarrior\n```\n\nNote: `--expiration` and `--name` are optional, they are set by default to\n`30days` and `TrelloWarrior` respectively.\n\nYou can set the `TRELLO_EXPIRATION` to `1hour`, `1day`, `30days`,\n`never`. We recomend use `30days` for tests and `never` for daily use.\n\nThis return some like this.\n\n```\nRequest Token:\n    - oauth_token        = 1c5ad394834dde42a7655437ab3e0060\n    - oauth_token_secret = dffc3a62622ef450028f685406bceacc\n\nGo to the following link in your browser:\nhttps://trello.com/1/OAuthAuthorizeToken?oauth_token=1c5ad334134dde46a8659437ab3e0069\u0026scope=read,write\u0026expiration=30days\u0026name=trellowarrior\nHave you authorized me? (y/n)\n```\n\nYou must visit the link to authorize the token. This gives you a pin like\nthis.\n\n```\nYou have granted access to your Trello information.\n\nTo complete the process, please give this verification code:\n\n  17894a35a2f745c3a184cf8e4bb5f1f9\n```\n\nRespond yes, and insert the pin.\n\n```\nWhat is the PIN? 17894a35a2f745c3a184cf8e4bb5f1f9\nAccess Token:\n    - oauth_token = 0469c6271416af6eae10123fdae0afc1135e9082bb0b5ba87b2f8a1db9d7f0b1\n    - oauth_token_secret = a978b159692cfc315377790669ac99a0\n\nYou may now access protected resources using the access tokens above.\n```\n\nThe config file is now initialized with the needed configuration variables.\n\n## Configuration\n\nThe TrelloWarrior config is very easy. There is a `trellowarrior.conf`\nsample file that you can modify to set with your data.\n\nYou can place the config file with `trellowarrior`, in your home as\n`~/.trellowarrior.conf` or (by default if not previous config file exists)\nfollowing the [XDG\nSpecification](https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html)\nin `$XDG_CONFIG_HOME/trellowarrior/trellowarrior.conf` (fallbacks to\n`~/.config/trellowarrior/trellowarrior.conf`), or set the configuration file\npath with `-c` or `--config` argument.\n\nTo synchronize Trello and Taskwarrior, simply call TrelloWarrior with the\nsync command or without any command.\n\n```sh\ntrellowarrior sync\n```\n\nYou can also add a list of project(s) to synchronize:\n\n```sh\ntrellowarrior sync project1 project2\n```\n\n### DEFAULT Section\n\nIn the `DEFAULT` section, it is mandatory to set your Trello API key and\ntoken and, at least, one sync project.\nThe sync project corresponds to the following sections\nthat define the Taskwarrior project and Trello board equivalence.\n\n* `taskwarrior_taskrc_location` Optional. Define where your *taskrc* file is located. Default: `~/.taskrc`\n* `taskwarrior_data_location` Optional. Define where your *task* data dir is located. Default: `~/.task`\n\n* `trello_api_key` MANDATORY. Your Trello Api Key.\n* `trello_api_secret` MANDATORY. Your Trello Api Secret.\n* `trello_token` MANDATORY. Your Trello Token.\n* `trello_token_secret` MANDATORY. Your Trello Token Secret.\n\n* `sync_projects` MANDATORY. Define what sections are loaded, separated by spaces.\n\n### Project/Board Sections\n\nThe Project/Board sections are called from `sync_projects` and define the\nequivalence between Taskwarrior and Trello.\n\n* `taskwarrior_project_name` MANDATORY. The name of project in Taskwarrior.\n* `trello_board_name` MANDATORY. The name of Trello Board.\n* `trello_todo_list` Optional. The name of Trello list where new pending tasks are stored. Default: `To Do`\n* `trello_doing_list` Optional. The name of Trello list for active tasks. Default: `Doing`\n* `trello_done_list` Optional. The name of Trello list for done taks. Default: `Done`\n* `trello_lists_filter` Optional. To filter Trello lists from syncing.\n* `only_my_cards` Optional. Sync ony cards / tasks assigned to me.\n\n## Equivalences\n\n| Taskwarrior                      | Trello           |\n|----------------------------------|------------------|\n| UDA: trelloid                    | Card ID          |\n| UDA: trellolistname              | List Name        |\n| Project                          | Board Name       |\n| Description                      | Card Name        |\n| Due                              | Card Due Date    |\n| Tags                             | Card Labels      |\n| Annotation: [Trello URL]         | Card URL         |\n| Annotation: [Trello Description] | Card Description |\n\n## Known limitations\n\nThe main objective of TrelloWarrior is to be simple so it **doesn't manage\ncollisions**. The sync strategy is **last modified wins**, this means that if\nyou do a modification in Trello and later a modification in Taskwarrior,\nTrelloWarrior does the sync and keeps the Taskwarrior data, because it is\nthe last touched.\n\nYou can have infinite lists in your Trello, but all of them are considered\nas *pending*. You only can have one *doing* list and one *done* list, but\nthese lists can be configured.\n\nIf you have several boards with same name or several labels with same name,\nTrelloWarrior always picks the first one.\n\nOnly Trello labels with names are synchronized, you can apply labels without\nname but these are ignored.\n\nIf you remove a name from a label and left it without name, the action don't\ntouch date of cards and in next sync a new label will be created with the\nremoved name. You can rename labels without problems.\n\nNew labels are created by TrelloWarrior in black color.\n\nIf you modify *Card URL* or *Card Description* in Trello, the old annotation\nwill be deleted and replaced by a new one.\n\nIf you want to delete a *due date* you must do it in both Taskwarrior and\nTrello.\n\nFor now, only syncs *Title/Description*, *Due dates*, *Labels*, *Card URL*,\n*Card Description* and *Status*.\n\n## Contributing\n\nSee [CONTRIBUTING](CONTRIBUTING.md).\n\n## License\n\nThis software is licensed under the terms of the GNU General Public License\nversion 3 (GPLv3).\n\nFull text of the license is available in the [LICENSE](LICENSE) file and\n[online](https://opensource.org/licenses/gpl-3.0.html).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fogarcia%2Ftrellowarrior","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fogarcia%2Ftrellowarrior","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fogarcia%2Ftrellowarrior/lists"}