Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A framework for building GitHub Apps to automate and improve your workflow
A framework for building GitHub Apps to automate and improve your workflow
If you've ever thought, "wouldn't it be cool if GitHub could…"; I'm going to stop you right there. Most features can actually be added via GitHub Apps, which extend GitHub and can be installed directly on organizations and user accounts and granted access to specific repositories. They come with granular permissions and built-in webhooks. Apps are first class actors within GitHub.
Probot is a framework for building GitHub Apps in Node.js, written in TypeScript. GitHub Apps can listen to webhook events sent by a repository or organization. Probot uses its internal event emitter to perform actions based on those events. A simple Probot App might look like this:
export default (app) => {
app.on("issues.opened", async (context) => {
const issueComment = context.issue({
body: "Thanks for opening this issue!",
});
return context.octokit.issues.createComment(issueComment);
});
app.onAny(async (context) => {
context.log.info({ event: context.name, action: context.payload.action });
});
app.onError(async (error) => {
app.log.error(error);
});
};
If you've landed in this GitHub repository and are looking to start building your own Probot App, look no further than probot.github.io! The Probot website contains our extensive getting started documentation and will guide you through the set up process.
This repository hosts the code for the npm Probot package which is what all Probot Apps run on. Most folks who land in this repository are likely looking to get started building their own app.
Probot is built by people just like you! Most of the interesting things are built with Probot, so consider starting by writing a new app or improving one of the existing ones.
If you're interested in contributing to Probot itself, check out our contributing docs to get started.
Want to discuss with Probot users and contributors? Discuss on GitHub!
Have an idea for a cool new GitHub App (built with Probot)? That's great! If you want feedback, help, or just to share it with the world you can do so by creating an issue in the probot/ideas
repository!
FAQs
A framework for building GitHub Apps to automate and improve your workflow
We found that probot demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.