New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@trademe/reviewme

Package Overview
Dependencies
Maintainers
5
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@trademe/reviewme

Google Play and App Store reviews posted to Slack

3.0.2
Source
npm
Version published
Weekly downloads
2
100%
Maintainers
5
Weekly downloads
 
Created
Source

ReviewMe

NPM Version Downloads

ReviewMe is a nodejs app that monitors App Store and Google Play reviews, and posts them to Slack.

ReviewMe Preview

This project was originally forked from reviews-to-slack

Installation

npm install -g @trademe/reviewme

Usage

reviewme ~/myappsconfig.json

Config

ReviewMe requires a config file. A simple config looks something like:

{
  "slackHook": "https://hooks.slack.com/services/01234/5678",
  "verbose": true,
  "dryRun": false,
  "interval":300,
  "apps": [
    {
      "appId": "com.myandroidapp",
      "publisherKey": "~/publisher.json"
    },
    {
      "appId": "012345678",
      "regions": [
              "nz",
              "us"
      ]
    }
  ]
}

Options

  • slackHook: The slack hook for your Slack integration. Reviews will be posted here.
  • verbose: When enabled, log messages will be printed to the console
  • dryRun: When enabled, ReviewMe will post the latest app review for each app on startup. Useful for debugging
  • botIcon An image url to use for the bot avatar
  • showAppIcon Determines if app icon will be displayed (overrides botIcon)
  • channel Overrides the default Slack channel messages will be posted to
  • interval The interval (in seconds) to check for new reviews. Default: 300.
  • apps A list of apps to fetch reviews for. See App Options below
  • publisherKey Android Only The path to a Google Play Publisher private key (.json file). Used for accessing the Google Play Publisher API.

App options

Note: Some options override the global configuration

  • appId The Android app package name, or the iOS app ID.
  • regions iOS Only The ISO 3166-2 regions to fetch reviews for (use false to include all regions)
  • botIcon An image url to use for the bot avatar
  • showAppIcon Determines if app icon will be displayed (overrides botIcon)
  • channel Overrides the default Slack channel messages will be posted to

Google Play Publisher Key

ReviewMe requires access to the Google Play Publisher API to fetch reviews. You need to supply ReviewMe with a Google Play Publisher API private key:

  • Go to the Google Play Developer Console -> Settings -> API Access

  • Create a Google Play Android Developer project

  • Create a Service Account with "Service Accounts" -> "Service Account User" role

  • Download the private key (.json)

  • Supply the path to the private key in the config.json

Keywords

android
ios
google
play
app
store

FAQs

Package last updated on 07 Sep 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Lazarus Strikes npm Again with New Wave of Malicious Packages

Research

Security News

Lazarus Strikes npm Again with New Wave of Malicious Packages

The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.

By Kirill Boychenko  -  Mar 10, 2025