{"id":41446875,"url":"https://github.com/theist/slatemess","last_synced_at":"2026-01-23T15:07:37.797Z","repository":{"id":57649224,"uuid":"319642451","full_name":"theist/slatemess","owner":"theist","description":"Slack incoming webhook command line client with support for template and environment substitution in messages","archived":false,"fork":false,"pushed_at":"2024-02-07T13:20:51.000Z","size":492,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-06-20T17:40:46.411Z","etag":null,"topics":["commandline","slack","template","webhook"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/theist.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-08T13:11:07.000Z","updated_at":"2024-02-12T10:57:50.000Z","dependencies_parsed_at":"2024-06-20T17:21:37.977Z","dependency_job_id":"a426dd04-1597-41b5-8bcf-f7772645f183","html_url":"https://github.com/theist/slatemess","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/theist/slatemess","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/theist%2Fslatemess","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/theist%2Fslatemess/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/theist%2Fslatemess/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/theist%2Fslatemess/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/theist","download_url":"https://codeload.github.com/theist/slatemess/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/theist%2Fslatemess/sbom","scorecard":{"id":878858,"data":{"date":"2025-08-11","repo":{"name":"github.com/theist/slatemess","commit":"ddeb475ddf356c0c0470522bdfcb8abbf7bdfd53"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/19 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:9","Warn: topLevel 'packages' permission set to 'write': .github/workflows/release.yml:10","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/theist/slatemess/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/theist/slatemess/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/theist/slatemess/release.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.2.1 not signed: https://api.github.com/repos/theist/slatemess/releases/100527871","Warn: release artifact v0.2.0 not signed: https://api.github.com/repos/theist/slatemess/releases/100527209","Warn: release artifact v0.2.1 does not have provenance: https://api.github.com/repos/theist/slatemess/releases/100527871","Warn: release artifact v0.2.0 does not have provenance: https://api.github.com/repos/theist/slatemess/releases/100527209"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"16 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2022-0197 / GHSA-4r78-hx75-jjj2 / GHSA-mv93-wvcp-7m7r","Warn: Project is vulnerable to: GO-2020-0014 / GHSA-vfw5-hrgq-h5wf","Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T07:12:10.096Z","repository_id":57649224,"created_at":"2025-08-24T07:12:10.096Z","updated_at":"2025-08-24T07:12:10.096Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28694465,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-23T14:15:13.573Z","status":"ssl_error","status_checked_at":"2026-01-23T14:09:05.534Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["commandline","slack","template","webhook"],"created_at":"2026-01-23T15:07:36.822Z","updated_at":"2026-01-23T15:07:37.791Z","avatar_url":"https://github.com/theist.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# slatemess - SLAck TEmplate MESSage\n\nThis is yet another command line client for sending messages to Slack incoming web hooks.\n\n## Why another?\n\nI did not find any command line client that I like. Also I had a custom requirement for my client, the ability to use a template engine able to substitute environment varilables in the slack payload. So I did another client.\n\n## Install\n\n```text\ngo get -u github.com/theist/slatemess\n```\n\n## Usage\n\n```text\n   slatemess -message \"\u003cMESSAGE\u003e\" | -file \u003cmessage file\u003e [-channel \u003cchannel\u003e] [-hook \u003chook url\u003e] [-icon \u003cslack emoji\u003e] [-user \u003cslack username\u003e] [-dry] [-debug]\n```\n\n```text\nUsage of slatemess:\n  -channel string\n        Override default user from hook\n  -debug\n        Print debug info\n  -dry\n        Will not send the payload to slack but print a curl command equivalent, with the computed payload\n  -fence\n        embed the text in a code fence, so it will be displayed as a code block\n  -file string\n        Provide a message by file\n  -hook string\n        Override Hook provided by ENV, if any\n  -icon string\n        Override default icon from hook, can be overriden by message's icon_emoji field\n  -message string\n        Provide a message by parameter\n  -user string\n        Override default user from hook\n```\n\n### Configuration precedence\n\nSlatemess will use environment variables, but also will add environment from these files if they exists in this order:\n\n- `.env`\n- `~/.slatemess`\n- `/etc/slatemess.cfg`\n- `/etc/slack.cfg`\n\nIf the Env variable already exists it won't be replaced, also once a file sets a varable it won't be replaced by the subsequent files.\n\nEnvironment variables, either existing or loaded from files can be overridden using parameters. Also, if the message contains fields for the icon, chanel or username, these will override both, Environment and parameters.\n\n`slatemess` will use these environment variables\n\n- `SLACK_HOOK`: HTTPS endpoint for the slack webhook, this can be overriden by the `-hook` parameter. Either env or `-hook` parameter is required\n- `SLACK_ICON`: icon for slack message, this can be overriden by the `-icon` parameter or the field `\"icon_emoji\"` in the message. This is optional as every hook has an associated icon.\n- `SLACK_USER`: user for slack message, this can be overriden by the `-user` parameter or the field `\"username\"` in the message. This is optional as every hook has an associated username.\n- `SLACK_CHANNEL`: channel for sending slack message, this can be overriden by the `-channel` parameter or the field `\"channel\"` in the message. This is optional as every hook has an associated destination channel.\n\n### Message mode\n\nMessage can be passed by three mutually exclusive methods to `slatemess`\n\n- `-message` parameter. The parameter will be passed as message body\n- `-file` parameter. The file will be read and passed to the message as a string\n- \"piped\" mode: using `command | slatemess` the standard output of the message will be passed as a string to slatemess.\n\nIf `-message` or `-file` are present in a piped operation the contents of stdin will be silently ignored.\n\n### Templating\n\nThe message will be interpreted as a [template using built in golang `text/template`](https://golang.org/pkg/text/template/)\n\nAlso Environment variables will be passed to the template allowing to do variable substitution with environment, for example this message template:\n\n```go-text-template\n{{ .USER }} uses {{ .EDITOR }}\n```\n\nwill generate the message (with my current env):\n\n```text\ntheist uses vim\n```\n\nIf a env variable contains the characters '{' or '}' or '\"' will not be available for substitution.\n\nIf a env variable used in substitution does not exists it will generate the string `\u003cno value\u003e`\n\nThe resulting messages will be passed as they are if they're detected as a valid json. If the messages aren't json but a string they will be enclosed in a basic slack message payload with this shape:\n\n```json\n{\n    \"text\": \"the message json safe\"\n}\n```\n\nUsing this feature is possible to send rich format messages to slack using [slack `blocks` syntax](https://api.slack.com/reference/block-kit/blocks) there's a sample under `samples/blocks` that will generate a message similar to this\n\n![blocks message](https://github.com/theist/slatemess/blob/media/sample_message.png?raw=true)\n\nwith the correct environment and a commandline like this:\n\n```shell\nslatemess -file samples/blocks -user slatemess -icon :ok_hand: -hook \u003chook_url\u003e\n```\n\n**WARNING**: If a template contains a valid field `icon_emoji`, `channel` or `username` these won't be overwritten and will override any value passed by environment or parameters.\n\n**WARNING**: Once a message is detected as json it will be sent as is, but completed with `icon_emoji`, `channel` and `username` if aren't already present. That won't restrain you from sending an invalid message to slack that won't produce any message.\n\n### Using code output for simple messages\n\nUsing the parameter `-fence` will enclose the message in code fences so it will be displayed as a code block. But note that if you intended it to be a valid json payload, the code fences will convert it to a basic message and it will be displayed as is.\n\n### Output as Curl\n\nIf parameter flag `-dry` is used it will show a curl command with the appropiate data payload and parameters instead of posting it to slack.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftheist%2Fslatemess","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftheist%2Fslatemess","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftheist%2Fslatemess/lists"}