npmpackage.info

Gathering detailed insights and metrics for hubot

Other packages similar to hubot

hubot-diagnostics

2.1.3

hubot scripts for diagnosing hubot

hubot-help

2.1.5

A hubot script to show available hubot commands

hubot-heroku-keepalive

1.0.3

A hubot script that keeps the hubot Heroko web dyno alive

hubot-slack

4.10.0

A Slack adapter for hubot

Gathering detailed insights and metrics for hubot

hubot

A customizable life embetterment robot.

11.3.2

16,660

MIT

JavaScript

15,194,012 5.7

Installations

npm install hubot

Pull Requests

Open

0

Total

856

Closed

260

Merged

596

Issues

Open

6

Total

824

Closed

818

Releases

v11.3.2

Published on 15 Nov 2024

v11.3.1

Published on 15 Nov 2024

v11.3.0

Published on 31 Aug 2024

v11.2.3

Published on 31 Aug 2024

v11.2.2

Published on 15 Aug 2024

v11.2.1

Published on 14 Aug 2024

View all 60 releases

Developer

hubotio

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

>= 18

Typescript Support

No

Node Version

20.8.1

NPM Version

10.9.0 Statistics

16,660 Stars

2,307 Commits

3,749 Forks

589 Watching

1 Branches

253 Contributors

Updated on 26 Nov 2024

Languages

JavaScript (98.79%)

Shell (1.21%)

Total Downloads

Cumulative downloads

Total Downloads

15,194,012

Last day

-1.3%

10,859

Compared to previous day

Last week

-4%

77,594

Compared to previous week

Last month

-9.4%

331,415

Compared to previous month

Last year

41.5%

5,607,936

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

connect-multiparty express express-basic-auth pino

Dev Dependencies

standard

Versions

Hubot

Note: v10.0.4 accidentally contains the removal of CoffeeScript; v10.0.5 puts it back in Note: v11 removes CoffeeScript and converts this codebase to ESM

Hubot is a framework to build chat bots, modeled after GitHub's Campfire bot of the same name, hubot. He's pretty cool. He's extendable with scripts and can work on many different chat services.

This repository provides a library that's distributed by npm that you use for building your own bots. See the documentation for details on getting up and running with your very own robot friend.

In most cases, you'll probably never have to hack on this repo directly if you are building your own bot. But if you do, check out CONTRIBUTING.md

Create your own Hubot instance

This will create a directory called myhubot in the current working directory.

1npx hubot --create myhubot --adapter @hubot-friends/hubot-slack
2npx hubot --create myhubot --adapter @hubot-friends/hubot-discord
3npx hubot --create myhubot --adapter @hubot-friends/hubot-ms-teams
4npx hubot --create myhubot --adapter @hubot-friends/hubot-irc

Review scripts/example.mjs. Create more scripts in the scripts folder.

License

See the LICENSE file for license rights and limitations (MIT).

Hubot History

Say hello to Hubot

Cartoon with Hubot

The Most Important Startup's Hardest Worker Isn't a Person

The Story of Hubot

Hubot by Hubotics

Automating Inefficiencies

Getting Started with Hubot

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

9

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

8

SAST

Determines if the project uses static code analysis.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-macos.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-macos.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-macos.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-macos.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-ubuntu.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-ubuntu.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-ubuntu.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-ubuntu.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-windows.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-windows.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/nodejs-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipeline.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sfab-gh-pages.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/sfab-gh-pages.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sfab-gh-pages.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/sfab-gh-pages.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sfab-gh-pages.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/sfab-gh-pages.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sfab-gh-pages.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/sfab-gh-pages.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sfab-gh-pages.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/hubotio/hubot/sfab-gh-pages.yml/main?enable=pin
Warn: npmCommand not pinned by hash: bin/e2e-test.sh:15
Warn: npmCommand not pinned by hash: script/bootstrap:3
Warn: npmCommand not pinned by hash: script/release:12
Info: 0 out of 19 GitHub-owned GitHubAction dependencies pinned
Info: 5 out of 8 npmCommand dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

5.7

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More