welcome[bot]
commented
4 years ago Thanks for opening this issue! If you would like to help implement an improvement, read more about contributing and consider submitting a pull request.
Open davidpaulsson opened 4 years ago
welcome[bot]
commented
4 years ago Thanks for opening this issue! If you would like to help implement an improvement, read more about contributing and consider submitting a pull request.
SimplyPhy
commented
4 years ago Big upvote on this from me -- dependabots spam our Slack and make the integration feel like more of a hassle than anything. We definitely need a way to prevent them from generating messages in Slack.
potiuk
commented
4 years ago @SimplyPhy @davidpaulsson, @huehnerlady, @timmyers , @rafeca, @exKAZUu, @bmesuere, @flavioribeiro, @nathanhleung, @at-ishikawa - just submitted PR for that one. I hope it's going to be ready to merge and released quickly.
dep
commented
3 years ago 
RawandKurdy
commented
2 years ago dependabot is way too spammy, we need this.
dialex
commented
2 years ago My team was forced to delete the GitHub Slack integration as soon as we enabled dependabot. Every day he have ~5 PRs/notifications. Creating a separate channel for it is not a solution because it will be a spam channel and no one will check it. This is a loss of productivity because now we have to manually ping each other when there's a PR from a human that needs review.
hellosagar
commented
2 years ago is this feature done?
pond
commented
2 years ago It's been almost 3 years now. Someone even submitted a PR. What gives?!
monsieurleberre
commented
1 year ago Hello, can you please let us know if there is an update on the deployment of this feature?
benatdelta
commented
1 year ago Our team is still waiting for this feature
alec-petersen
commented
1 year ago @sanjeev9160 @ashokirla Would it be possible to get an update on the progress of this feature?
randyshoopman
commented
1 year ago Maybe not ideal but if Github added the ability to default labels on PRs via pull_request_template.md then we could use the label filter feature of the slack integration to only show PRs from non bots. Just throwing that out there
andreasbsk
commented
1 year ago Any updates on this at all? Would be a great addition.
zomgbre
commented
1 year ago PLEASE can we have this!
Also having an issue setting pull request limit with dependabot and this on top of it is incredibly frustrating. :)
apagano-vue
commented
1 year ago Since it seems this is not something that Github is willing to implement here's our workaround if it helps someone:
SLACK_WEBHOOK_URL[opened, reopened, closed] PR events: name: slack notifications
on:
pull_request:
types: [opened, reopened, closed]
jobs:
opened:
name: opened PRs
# only notify when a PR is opened or reopened and it wasn't created by dependabot
if: ${{ (github.event.action == 'opened' || github.event.action == 'reopened') && github.event.pull_request.user.login != 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Send custom JSON data to Slack workflow
id: slack
uses: slackapi/slack-github-action@v1.24.0
with:
payload: |
{
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": "New PR opened :rocket:",
"emoji": true
}
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "Opened by:\n${{ github.event.pull_request.user.login }}"
},
{
"type": "mrkdwn",
"text": " Opened at:\n${{ github.event.pull_request.created_at }}"
}
]
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "<${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}>"
}
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
closed:
name: closed PRs
# only notify when a PR is closed and it wasn't created by dependabot
if: ${{ github.event.action == 'closed' && github.event.pull_request.user.login != 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Send custom JSON data to Slack workflow
id: slack
uses: slackapi/slack-github-action@v1.24.0
with:
payload: |
{
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": "PR closed :white_check_mark:",
"emoji": true
}
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "Closed by:\n${{ github.actor }}"
},
{
"type": "mrkdwn",
"text": " Closed at:\n${{ github.event.pull_request.closed_at }}"
}
]
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "<${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}>"
}
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOKThe important filter to exclude any PRs generated by dependabot is if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' }}
niklasHagner
commented
1 year ago @apagano-vue: Thanks a bunch! :star:
Tried it out and works most of the time.
But the github action will fail with json_error for PR-titles that contain double quotes. ${{ github.event.pull_request.title }} needs some string escaping
Because
"text": "<${{ github.event.pull_request.html_url }}|${{ github.event.pull_request.title }}>"
is output as JSON with too many quotes
"text:": "<$github.com/some-repo/my-fancy-feature|My "fancy" feature>"
and that results in invalid json
ElijahLynn
commented
1 year ago /github help in Slack says:
Label filters for issues, pull requests
Filter incoming events based on the user provided list of labels.
/github subscribe owner/repo +label:"my label"
/github unsubscribe owner/repo +label:"my label"
zomgbre
commented
1 year ago Nice, well that's new! Thanks for the heads up.
Just kidding, @ElijahLynn I tried your solution. Doesn't work. :(
sgarner
commented
1 year ago Nice, well that's new! Thanks for the heads up.
Nothing has changed? There has always been the ability to filter in events by whitelisting particular labels. But that's not very useful. What this issue is asking for is the inverse ability to filter out events by blacklisting particular unwanted labels.
pond
commented
1 year ago @sgarner Yes, that's right. Something like -label:"..." instead of +label:"...".
niklasHagner
commented
1 year ago To add to the GithubAction-solution from @apagano-vue
I found a solution to my previous comment
But the github action will fail with json_error for PR-titles that contain double quotes. ${{ github.event.pull_request.title }} needs some string escaping
I found that storing values as env vars results in string escaping.
So here's my variant which consistently uses env vars. (Plus some different formatting: one row with the PR info and a second row with username+avatar)
on:
pull_request:
types: [opened, reopened, closed]
jobs:
opened:
name: opened PRs
# only notify when a PR is opened or reopened by someone else than dependabot
if: ${{ (github.event.action == 'opened' || github.event.action == 'reopened') && github.event.pull_request.user.login != 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Send custom JSON data to Slack workflow
id: slack
uses: slackapi/slack-github-action@v1.24.0
env:
PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
PULL_REQUEST_TITLE: ${{ github.event.pull_request.title }}
PULL_REQUEST_AUTHOR_NAME: ${{ github.event.pull_request.user.login }}
PULL_REQUEST_AUTHOR_ICON_URL: ${{ github.event.pull_request.user.avatar_url }}
PULL_REQUEST_URL: ${{ github.event.pull_request.html_url }}
PULL_REQUEST_ACTOR: ${{ github.actor }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
with:
payload: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": ":mailbox: Opened PR <${{ env.PULL_REQUEST_URL }}|${{ env.PULL_REQUEST_NUMBER }} ${{ env.PULL_REQUEST_TITLE }}>"
}
},
{
"type": "context",
"elements": [
{
"type": "plain_text",
"text": "Author: ${{ env.PULL_REQUEST_AUTHOR_NAME }}"
},
{
"type": "image",
"image_url": "${{ env.PULL_REQUEST_AUTHOR_ICON_URL }}",
"alt_text": "github avatar"
}
]
}
]
}
merged:
name: merged PR
# only notify when a PR is merged by someone else than dependabot
if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login != 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- name: Send custom JSON data to Slack workflow
id: slack
uses: slackapi/slack-github-action@v1.24.0
env:
PULL_REQUEST_NUMBER : ${{ github.event.pull_request.number }}
PULL_REQUEST_TITLE : ${{ github.event.pull_request.title }}
PULL_REQUEST_AUTHOR_NAME : ${{ github.event.pull_request.user.login }}
PULL_REQUEST_AUTHOR_ICON_URL : ${{ github.event.pull_request.user.avatar_url }}
PULL_REQUEST_URL : ${{ github.event.pull_request.html_url }}
PULL_REQUEST_ACTOR : ${{ github.actor }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
with:
payload: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": ":merged: Merged PR <${{ env.PULL_REQUEST_URL }}|${{ env.PULL_REQUEST_NUMBER }} ${{ env.PULL_REQUEST_TITLE }}>"
}
},
{
"type": "context",
"elements": [
{
"type": "plain_text",
"text": "Author: ${{ env.PULL_REQUEST_AUTHOR_NAME }}"
},
{
"type": "image",
"image_url": "${{ env.PULL_REQUEST_AUTHOR_ICON_URL }}",
"alt_text": "github avatar"
}
]
}
]
}Result:
This can handle doublequotes in PR titles
(However it's not perfect, it cannot handle < or > since those are special key characters in this format)
zomgbre
commented
1 year ago Nice, well that's new! Thanks for the heads up.
Nothing has changed? There has always been the ability to filter in events by whitelisting particular labels. But that's not very useful. What this issue is asking for is the inverse ability to filter out events by blacklisting particular unwanted labels.
I was assuming the previous poster in the thread, @ElijahLynn, was sharing that that you could unsubscribe from dependabot PRs by doing the following:
/github unsubscribe owner/repo +label:"dependencies"I just had time to try it and it doesn't work. Carry on lol.
Dear Github, We've been asking for this feature for a long time please send help. :) Thanks, Your consumers
karlbecker
commented
8 months ago Hi GitHub, any chance we could do this now? Our GitHub integration is extremely noisy due to our Dependabot PRs, and a change like the one @zomgbre outlines above...
/github subscribe owner/repo -label:"dependencies"...would solve this for the hundreds of people who have emoji responded here.
Pretty please?
nerdalert
commented
4 months ago Shakes fist at the sky.. bump, 👋 GitHub. We're all drowning in dependabot messages for enough years meow, have mercy.
pond
commented
4 months ago @nerdalert Late-stage enshittification - more bloat, more features we don't really want (and all are buggy), inevitable infestation of AI, but the basic quality-of-life stuff just gets ignored while the ostensibly unchanged base starts to rot with more and more bugs creeping in over time.
Keep your eye out for the incoming 20%+ price rise and/or shuffling of tiers to force you to pay more.
Lord knows, I hope I'm wrong - as long as you can self-host GitLab there's viable competition for anyone to jump ship quite easily, and MS must know it.
I've seen many discussions on the whitelist label work (👏) but is there a plan to introduce a label blacklist as well?
Our team would like to be notified about new PRs on our different repositories, but with dependabot enabled it's WAY to spammy.