circle-github-bot
circle-github-bot copied to clipboard
themadcreator
CircleCI comments on github
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. Commits 699c459 3.1.2 2f2b5ff fix: trim pattern 25d7c0d 3.1.1 55dda29 fix: treat nocase:true as always having magic 5e1fb8d 3.1.0 f8145c5 Add 'allowWindowsEscape' option 570e8b1...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.0 to 3.14.1. Changelog Sourced from js-yaml's changelog. [3.14.1] - 2020-12-07 Security Fix possible code execution in (already unsafe) .load() (in &anchor). [3.14.0] - 2020-05-22 Changed Support...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Artifact URL is not working any more, not sure when CircleCI changed the specification but we need to use `CIRCLE_WORKFLOW_JOB_ID`. https://support.circleci.com/hc/en-us/articles/5034956515355-How-to-Programmatically-Construct-the-URLs-for-Artifacts
Artifact URL is not working any more, not sure when CircleCI changed the specification but we need to use CIRCLE_WORKFLOW_JOB_ID. PR: https://github.com/themadcreator/circle-github-bot/pull/26
Hi, We've been using this package for a while, and noticed that it will not raise any errors of the github API calls fail. This is especially difficult to address...
- `CIRCLE_ARTIFACTS` variable no longer exists - artifact url no longer defaults to repo name in the path: `circleci/` -> `circleci/project` - `CI_PULL_REQUEST` not defined on commit builds (like merges...
Insecure
This approach seems very insecure to me. If `GH_AUTH_TOKEN` is exposed to pull requests, someone could simply add `echo $GH_AUTH_TOKEN` to the `circle.yml`, send a pull request, and see the...
Logging
let's please log a message to the console on success or failure of the comment postage.
You're currently forcing artifacts to come from the first container (id 0) in the following line: [index.coffee:64](https://github.com/themadcreator/circle-github-bot/blob/b0b3062c30dee05612090c5a8278c0677881872d/src/index.coffee#L64). Could you make that configurable?
