{"id":16539485,"url":"https://github.com/rickstaa/check-prb0t-action","last_synced_at":"2026-05-26T23:33:44.417Z","repository":{"id":65955714,"uuid":"602977833","full_name":"rickstaa/check-prb0t-action","owner":"rickstaa","description":"Simple GitHub action that checks whether a PR was created using the PRB0t PR anonymiser.","archived":false,"fork":false,"pushed_at":"2023-03-04T10:45:10.000Z","size":17,"stargazers_count":1,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-11T18:58:27.986Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rickstaa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-17T11:00:25.000Z","updated_at":"2023-02-18T12:07:55.000Z","dependencies_parsed_at":"2023-03-10T23:24:43.134Z","dependency_job_id":null,"html_url":"https://github.com/rickstaa/check-prb0t-action","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/rickstaa/check-prb0t-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rickstaa%2Fcheck-prb0t-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rickstaa%2Fcheck-prb0t-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rickstaa%2Fcheck-prb0t-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rickstaa%2Fcheck-prb0t-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rickstaa","download_url":"https://codeload.github.com/rickstaa/check-prb0t-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rickstaa%2Fcheck-prb0t-action/sbom","scorecard":{"id":775867,"data":{"date":"2025-08-11","repo":{"name":"github.com/rickstaa/check-prb0t-action","commit":"5dd995a35edc4f7d73fb9f6e206b17d876cdaf10"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.1,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/12 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/rickstaa/check-prb0t-action/release.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-23T03:33:41.469Z","repository_id":65955714,"created_at":"2025-08-23T03:33:41.469Z","updated_at":"2025-08-23T03:33:41.469Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33543973,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"ssl_error","status_checked_at":"2026-05-26T15:22:15.568Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T18:49:14.679Z","updated_at":"2026-05-26T23:33:44.401Z","avatar_url":"https://github.com/rickstaa.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Check PRB0t action \u003c!-- omit in toc --\u003e\n\nSimple GitHub action that can be used to check whether a PR was created using the [PRB0t](https://github.com/PRB0t/PRB0t) PR anonymiser.\n\n- [QuickStart](#quickstart)\n- [Inputs](#inputs)\n- [Outputs](#outputs)\n  - [`used_prb0t`](#used_prb0t)\n- [Environment variables](#environment-variables)\n  - [`USED_PRBOT`](#used_prbot)\n- [Use-cases](#use-cases)\n  - [Automatically close pull requests](#automatically-close-pull-requests)\n    - [Close if used](#close-if-used)\n    - [Close if not used](#close-if-not-used)\n- [Contributing](#contributing)\n\n## QuickStart\n\n```yml\nname: PRB0t check action\non: [pull_request]\n\njobs:\n  prB0t_check:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n\n      # Check whether PRB0T was used.\n      - uses: rickstaa/check-prb0t-action@v1\n        id: prb0t_check\n\n      # Print the result using the env variable.\n      - run: |\n          echo \"PRB0t used: ${{ env.USED_PRB0T }}\"\n\n      # Print the result using the action output.\n      - run: |\n          echo \"PRB0t used: ${{ steps.prb0t_check.outputs.used_prb0t }}\"\n```\n\n## Inputs\n\nThis action does not yet have any inputs.\n\n## Outputs\n\n### `used_prb0t`\n\nBoolean specifying whether the PR was created using [PRB0t](https://github.com/PRB0t/PRB0t).\n\n## Environment variables\n\n### `USED_PRBOT`\n\nBoolean specifying whether the PR was created using [PRB0t](https://github.com/PRB0t/PRB0t).\n\n## Use-cases\n\n### Automatically close pull requests\n\nYou can use this action with the [actions/close-pull-request](https://github.com/marketplace/actions/close-pull-request) to automatically close pull request based on the condition returned by this action.\n\n#### Close if used\n\nFor some repositories, you want to discourage people from committing anonymously. If that is the case you can use the following GitHub action workflow:\n\n```yml\nname: PRB0t PR close action\non: [pull_request]\n\njobs:\n  prB0tClose:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n\n      # Check whether PRB0T was used.\n      - uses: rickstaa/check-prb0t-action@v1\n        id: prb0t_check\n\n      # Close PRs that used PRB0t.\n      - if: ${{ env.USED_PRB0T == 'true' }}\n        uses: superbrothers/close-pull-request@v3\n        with:\n          # Optional. Post an issue comment just before closing a pull request.\n          comment: \"We do not accept anonymous PRs. If you have any questions, please feel free to contact us.\"\n```\n\n#### Close if not used\n\nYou might only want to accept anonymous pull requests for other repositories to protect your contributors. If that is the case, you can use the following GitHub action workflow:\n\n```yml\nname: PRB0t PR close action\non: [pull_request]\n\njobs:\n  prB0tClose:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n\n      # Check whether PRB0T was used.\n      - uses: rickstaa/check-prb0t-action@v1\n        id: prb0t_check\n\n      # Close PRs that used PRB0t.\n      - if: ${{ env.USED_PRB0T == 'false' }}\n        uses: superbrothers/close-pull-request@v3\n        with:\n          # Optional. Post a issue comment just before closing a pull request.\n          comment: \"We only accept anonymous PRs. Please use [PRB0t](https://github.com/PRB0t/PRB0t) for creating your PR.\"\n```\n\n## Contributing\n\nFeel free to open an issue if you have ideas on how to make this GitHub action better or if you want to report a bug! All contributions are welcome. :rocket: Please consult the [contribution guidelines](CONTRIBUTING.md) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frickstaa%2Fcheck-prb0t-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frickstaa%2Fcheck-prb0t-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frickstaa%2Fcheck-prb0t-action/lists"}