Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cerebro-cli

Package Overview
Dependencies
Maintainers
1
Versions
7
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cerebro-cli

> A novel recruiting tool using GitHub events.

  • 0.3.2
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
8
increased by700%
Maintainers
1
Weekly downloads
 
Created
Source

Cerebro (cerebro-cli)

A novel recruiting tool using GitHub events.

Finding capable developers is challenging. This tool starts with a simple heuristic - the ability to get a pull request (PR) merged given a sufficient amount of feedback, and filters from there. Credit to @sequoia for this heuristic.

The flow is currently as follows:

  1. Listen to the public GitHub events firehose for pull request merge events on PRs that have a specified number of comments.
  2. Discard PRs made by bot users
  3. For each PR:
    1. Check if the language is your target language
    2. Check if the author of the PR is looking for a job

Table of Contents

Prerequisites

Usage

Cerebro can be run in a number of different ways, always configured by environment variables.

Configuration

The following environment variables are available:

  • LANGUAGES: Required. Comma separated list of the target languages you're looking for
  • GH_TOKEN: Not required but highly recommended. Your GitHub personal authentication token.
  • COMMENT_THRESHOLD: optional, default 3. Show PRs with review comments greater than or equal to this number
  • SHOW_NON_HIREABLE: optional, default false. Show applicants that are not explicitly marked as hireable.
  • CHANGESET_THRESHOLD: optional, default 5432. Only match PRs that have a total changeset (additions + subtractions) under this number.

Using npx

You can skip the whole installation process altogether and just run Cerebro using npx

GH_TOKEN=[insert GH token here] \
LANGUAGES=Solidity,Rust \
npx cerebro-cli

Using Docker and Docker Compose

With docker:

docker run -ti \
  -e GH_TOKEN=XXXXX \
  -e LANGUAGES=c++,javascript \
  aphelionz/cerebro-cli:v0.3.0

Or in your docker-compose file:

services:
  cerebro:
    image: aphelionz/cerebro-cli:v0.3.0
    environment:
      GH_TOKEN: XXXXX
      LANGUAGES: rust,solidity

Prometheus

By default, the app will expose Prometheus-compatible metrics on port 9100. These include all of the normal default nodejs metrics, as well as some custom metrics for Cerebro:

# HELP unique_events_processed Number of unique events processed by Cerebro
# TYPE unique_events_processed counter
unique_events_processed{app="cerebro"} 8811

# HELP suitable_pull_requests_found Number of suitable pull requests by Cerebro
# TYPE suitable_pull_requests_found counter
suitable_pull_requests_found{app="cerebro"} 6

# HELP candidates_found Count of candidates found by Cerebro so far
# TYPE candidates_found counter
candidates_found{app="cerebro"} 0

Contributing

Issues and PRs accepted. More info coming soon.

Installing from Source

git clone https://github.com/aphelionz/cerebro
cd cerebro
npm install

Then run npm start with the aforementioned environment variables to run, test, and develop!

Why doesn't this use GraphQL?

GitHub API v4 does not support listening to the public event timeline.

Future Work

  1. Better bot detection
    1. Bot detection really happens in two places, here and in the use of review_comments
  2. English proficiency
    1. Really needs a manual overview until we find / create a good enough tool for this
    2. Ideally would be any proficiency in language
  3. "Looking for a job" false negatives, and false positives too
    1. hireable is either null (false) or true. However null is the default because GH jobs is opt-in. So we only make a note of this for now.
  4. IPFS + OrbitDB integration? Or at least some database
  5. Readline and raw stdin integration to make a proper UI (or just make an API + website)
  6. Environment variable validation
    1. Is it possible to get the full list of supported GH languages?

Maintainers

@aphelionz

License

AGPL © 2020 Mark Henderson

FAQs

Package last updated on 28 Jun 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc