{"id":13457832,"url":"https://github.com/probot/probot","last_synced_at":"2025-10-19T02:57:20.005Z","repository":{"id":37285436,"uuid":"68414068","full_name":"probot/probot","owner":"probot","description":"🤖 A framework for building GitHub Apps to automate and improve your workflow","archived":false,"fork":false,"pushed_at":"2025-10-04T02:04:48.000Z","size":13463,"stargazers_count":9327,"open_issues_count":48,"forks_count":1004,"subscribers_count":122,"default_branch":"master","last_synced_at":"2025-10-04T03:37:12.378Z","etag":null,"topics":["github-apps","probot"],"latest_commit_sha":null,"homepage":"https://probot.github.io","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/probot.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2016-09-16T20:56:13.000Z","updated_at":"2025-10-04T02:00:28.000Z","dependencies_parsed_at":"2024-02-20T08:26:50.222Z","dependency_job_id":"73b4056b-bdb0-47f5-9d8d-59acbf22993d","html_url":"https://github.com/probot/probot","commit_stats":{"total_commits":1562,"total_committers":209,"mean_commits":7.473684210526316,"dds":0.6389244558258642,"last_synced_commit":"cbd4c38d3aa75789433549b35000397e42e43cf4"},"previous_names":[],"tags_count":368,"template":false,"template_full_name":null,"purl":"pkg:github/probot/probot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/probot%2Fprobot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/probot%2Fprobot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/probot%2Fprobot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/probot%2Fprobot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/probot","download_url":"https://codeload.github.com/probot/probot/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/probot%2Fprobot/sbom","scorecard":{"id":485229,"data":{"date":"2025-08-11","repo":{"name":"github.com/probot/probot","commit":"6f2d0217c8fd04d7c67daccc5caacebb78aaea33"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.7,"checks":[{"name":"Maintained","score":10,"reason":"15 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":6,"reason":"Found 11/16 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:19","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/docs.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/test.yml:13","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":5,"reason":"dependency not pinned by hash detected -- score normalized to 5","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/probot/probot/test.yml/master?enable=pin","Info:   0 out of  21 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   7 out of   7 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: ISC License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:18"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (25) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T17:35:26.871Z","repository_id":37285436,"created_at":"2025-08-19T17:35:26.871Z","updated_at":"2025-08-19T17:35:26.871Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279678952,"owners_count":26209788,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-19T02:00:07.647Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-apps","probot"],"created_at":"2024-07-31T09:00:38.019Z","updated_at":"2025-10-19T02:57:19.959Z","avatar_url":"https://github.com/probot.png","language":"TypeScript","readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://probot.github.io\"\u003e\u003cimg src=\"/static/robot.svg\" width=\"160\" alt=\"Probot's logo, a cartoon robot\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003ch3 align=\"center\"\u003e\u003ca href=\"https://probot.github.io\"\u003eProbot\u003c/a\u003e\u003c/h3\u003e\n\u003cp align=\"center\"\u003eA framework for building GitHub Apps to automate and improve your workflow\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003ca href=\"https://npmjs.com/package/probot\"\u003e\u003cimg src=\"https://badgen.net/npm/v/probot\" alt=\"npm\"\u003e\u003c/a\u003e \u003ca href=\"https://github.com/probot/probot/actions\"\u003e\u003cimg src=\"https://github.com/probot/probot/actions/workflows/test.yml/badge.svg\" alt=\"Build Status\"\u003e\u003c/a\u003e \u003ca href=\"https://twitter.com/ProbotTheRobot\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/ProbotTheRobot\" alt=\"@ProbotTheRobot on Twitter\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\nIf you've ever thought, \"wouldn't it be cool if GitHub could…\"; I'm going to stop you right there. Most features can actually be added via [GitHub Apps](https://docs.github.com/en/developers/apps), which extend GitHub and can be installed directly on organizations and user accounts and granted access to specific repositories. They come with granular permissions and built-in webhooks. Apps are first class actors within GitHub.\n\n## How it works\n\n**Probot is a framework for building [GitHub Apps](https://docs.github.com/en/developers/apps) in [Node.js](https://nodejs.org/)**, written in [TypeScript](https://www.typescriptlang.org/). GitHub Apps can listen to webhook events sent by a repository or organization. Probot uses its internal event emitter to perform actions based on those events. A simple Probot App might look like this:\n\n```js\nexport default (app) =\u003e {\n  app.on(\"issues.opened\", async (context) =\u003e {\n    const issueComment = context.issue({\n      body: \"Thanks for opening this issue!\",\n    });\n    return context.octokit.issues.createComment(issueComment);\n  });\n\n  app.onAny(async (context) =\u003e {\n    context.log.info({ event: context.name, action: context.payload.action });\n  });\n\n  app.onError(async (error) =\u003e {\n    app.log.error(error);\n  });\n};\n```\n\n## Building a Probot App\n\nIf you've landed in this GitHub repository and are looking to start building your own Probot App, look no further than [probot.github.io](https://probot.github.io/docs/)! The Probot website contains our extensive getting started documentation and will guide you through the set up process.\n\nThis repository hosts the code for the npm Probot package which is what all Probot Apps run on. Most folks who land in this repository are likely looking to get started [building their own app](https://probot.github.io/docs/).\n\n## Contributing\n\nProbot is built by people just like you! Most of the interesting things are built _with_ Probot, so consider starting by [writing a new app](https://probot.github.io/docs/) or improving one of the [existing ones](https://github.com/search?q=topic%3Aprobot-app\u0026type=Repositories).\n\nIf you're interested in contributing to Probot itself, check out our [contributing docs](CONTRIBUTING.md) to get started.\n\nWant to discuss with Probot users and contributors? [Discuss on GitHub](https://github.com/probot/probot/discussions)!\n\n## Ideas\n\nHave an idea for a cool new GitHub App (built with Probot)? That's great! If you want feedback, help, or just to share it with the world you can do so by [creating an issue in the `probot/ideas` repository](https://github.com/probot/ideas/issues/new)!\n","funding_links":[],"categories":["TypeScript","JavaScript","*.js","HarmonyOS","others","Automation","probot","Github","Agent Frameworks"],"sub_categories":["Node","Windows Manager","React Components","zsh 插件","Self-Healing CI"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprobot%2Fprobot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprobot%2Fprobot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprobot%2Fprobot/lists"}