Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
@slack/client
Advanced tools
Read the full documentation for all the lovely details.
So you want to build a Slack app with Node.js? We've got you covered. {{ site.product_name }} is aimed at making building Slack apps ridiculously easy. This module will help you build on all aspects of the Slack platform, from dropping notifications in channels to fully interactive bots.
This is a wrapper around the Slack RTM and Web APIs.
This library provides the low level functionality you need to build reliable apps and projects on top of Slack's APIs. It:
This library does not attempt to provide application level support, e.g. regex matching and filtering of the conversation stream.
Most Slack apps are interested in posting messages into Slack channels, and generally working with our Web API. Read on to learn how to use {{ site.product_name }} to accomplish these tasks. Bots, on the other hand, are a bit more complex, so we have them covered in Building Bots.
All of these examples assume that you have set up a Slack app or custom integration, and understand the basic mechanics of working with the Slack Platform.
Incoming webhooks are an easy way to get notifications posted into Slack with a minimum of setup. You'll need to either have a custom incoming webhook set up, or an app with an incoming webhook added to it.
var IncomingWebhook = require('@slack/client').IncomingWebhook;
var url = process.env.SLACK_WEBHOOK_URL || ''; //see section above on sensitive data
var webhook = new IncomingWebhook(url);
webhook.send('Hello there', function(err, res) {
if (err) {
console.log('Error:', err);
} else {
console.log('Message sent: ', res);
}
});
You'll need a Web API token to call any of the Slack Web API methods. For custom integrations, you'll get this from the token generator, and for apps it will come as the final part of the OAuth dance.
Your app will interact with the Web API through the WebClient
object, which requires an access token to operate.
var WebClient = require('@slack/client').WebClient;
var token = process.env.SLACK_API_TOKEN || ''; //see section above on sensitive data
var web = new WebClient(token);
web.chat.postMessage('C1232456', 'Hello there', function(err, res) {
if (err) {
console.log('Error:', err);
} else {
console.log('Message sent: ', res);
}
});
Starting a bot up requires a bot token (bot tokens start with xoxb-
),
which can be had either creating a custom bot or by creating an app with a
bot user, at the end of the OAuth dance. If you aren't sure path is right for you,
have a look at the Bot Users documentation.
var RtmClient = require('@slack/client').RtmClient;
var CLIENT_EVENTS = require('@slack/client').CLIENT_EVENTS;
var bot_token = process.env.SLACK_BOT_TOKEN || '';
var rtm = new RtmClient(bot_token);
// The client will emit an RTM.AUTHENTICATED event on successful connection, with the `rtm.start` payload if you want to cache it
rtm.on(CLIENT_EVENTS.RTM.AUTHENTICATED, function (rtmStartData) {
console.log(`Logged in as ${rtmStartData.self.name} of team ${rtmStartData.team.name}, but not yet connected to a channel`);
});
// you need to wait for the client to fully connect before you can send messages
rtm.on(CLIENT_EVENTS.RTM.RTM_CONNECTION_OPENED, function () {
rtm.sendMessage("Hello!", channel);
});
rtm.start();
FAQs
Legacy wrapper for official Slack Platform's Web API, RTM API, and Incoming Webhook libraries. Use @slack/web-api, @slack/rtm-api, or @slack/webhook instead.
The npm package @slack/client receives a total of 71,336 weekly downloads. As such, @slack/client popularity was classified as popular.
We found that @slack/client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.