Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@intuit/semantic-release-slack
Advanced tools
Post slack notifications to a webhook on success or failure of a semantic-release job
Post slack notifications to a webhook on success or failure of a semantic-release job
Step | Description |
---|---|
verifyConditions | Verify the SLACK_WEBHOOK_URL environment variable is set. |
success | Send a formatted message to the slack webhook provided with information about the most recent release |
fail | Send a formatted message to the slack webhook if the release fails |
yarn add --dev @intuit/semantic-release-slack
Add the following to your release.config.js
"plugins": [
// ...
["@intuit/semantic-release-slack", {
// These are the available platforms that the package can be downloaded from
"platforms": ["brew", "npm", "docker"]
}]
],
Ensure you have a webhook url in your process.env
under the name SLACK_WEBHOOK_URL
. The hook is
expected to contain https://hooks.slack.com
in the URL. Without this, your release will fail
because the plugin won't know where to post to.
Property | Type | Default | Example | Description |
---|---|---|---|---|
platforms | String[] | undefined | "platforms": ["brew", "npm"] | Available platforms that the package can be downloaded from. Can be anything. Supported emoji |
skipCommit | String | undefined | "skipCommit": "^fix\\(deps\\):" | Skips notifying when regex matches at least one commit in the release |
semverFilter | String[] | ["major", "minor", "patch"] | "semverFilter": ["major", "minor"] | Skips releases that do not match one of the configured types |
fullReleaseNotes | Boolean | false | "fullReleaseNotes": true | Provides the full release notes in slack instead of a link to the release notes |
FAQs
Post slack notifications to a webhook on success or failure of a semantic-release job
The npm package @intuit/semantic-release-slack receives a total of 984 weekly downloads. As such, @intuit/semantic-release-slack popularity was classified as not popular.
We found that @intuit/semantic-release-slack demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.