← Slack + Semgrep integrations

Get Findings with Semgrep API on New Message In Channels (Instant) from Slack API

Pipedream makes it easy to connect APIs for Semgrep, Slack and 2,200+ other apps remarkably fast.

Trigger workflow on
New Message In Channels (Instant) from the Slack API
Next, do this
Get Findings with the Semgrep API
No credit card required
Intro to Pipedream
Watch us build a workflow
Watch us build a workflow
8 min
Watch now ➜

Trusted by 1,000,000+ developers from startups to Fortune 500 companies

Adyen logo
Appcues logo
Bandwidth logo
Checkr logo
ChartMogul logo
Dataminr logo
Gopuff logo
Gorgias logo
LinkedIn logo
Logitech logo
Replicated logo
Rudderstack logo
SAS logo
Scale AI logo
Webflow logo
Warner Bros. logo
Adyen logo
Appcues logo
Bandwidth logo
Checkr logo
ChartMogul logo
Dataminr logo
Gopuff logo
Gorgias logo
LinkedIn logo
Logitech logo
Replicated logo
Rudderstack logo
SAS logo
Scale AI logo
Webflow logo
Warner Bros. logo

Developers Pipedream

Getting Started

This integration creates a workflow with a Slack trigger and Semgrep action. When you configure and deploy the workflow, it will run on Pipedream's servers 24x7 for free.

  1. Select this integration
  2. Configure the New Message In Channels (Instant) trigger
    1. Connect your Slack account
    2. Optional- Select one or more Channels
    3. Configure slackApphook
    4. Optional- Configure Resolve Names
    5. Optional- Configure Ignore Bots
    6. Optional- Configure Ignore replies in threads
  3. Configure the Get Findings action
    1. Connect your Semgrep account
    2. Select a Deployment Slug
  4. Deploy the workflow
  5. Send a test event to validate your setup
  6. Turn on the trigger

Details

This integration uses pre-built, source-available components from Pipedream's GitHub repo. These components are developed by Pipedream and the community, and verified and maintained by Pipedream.

To contribute an update to an existing component or create a new component, create a PR on GitHub. If you're new to Pipedream component development, you can start with quickstarts for trigger span and action development, and then review the component API reference.

Trigger

Description:Emit new event when a new message is posted to one or more channels
Version:1.0.21
Key:slack-new-message-in-channels

Slack Overview

The Pipedream Slack app enables you to build event-driven workflows that interact with the Slack API. Once you authorize the Pipedream app's access to your workspace, you can use Pipedream workflows to perform common Slack actions or write your own code against the Slack API.

The Pipedream Slack app is not a typical app. You don't interact with it directly as a bot, and it doesn't add custom functionality to your workspace out of the box. It makes it easier to automate anything you'd typically use the Slack API for, using Pipedream workflows.

  • Automate posting updates to your team channels
  • Create a bot to answer common questions
  • Integrate with your existing tools and services
  • And much more!

Trigger Code

import common from "../common/base.mjs";
import constants from "../common/constants.mjs";
import sampleEmit from "./test-event.mjs";

export default {
  ...common,
  key: "slack-new-message-in-channels",
  name: "New Message In Channels (Instant)",
  version: "1.0.21",
  description: "Emit new event when a new message is posted to one or more channels",
  type: "source",
  dedupe: "unique",
  props: {
    ...common.props,
    conversations: {
      propDefinition: [
        common.props.slack,
        "conversation",
      ],
      type: "string[]",
      label: "Channels",
      description: "Select one or more channels to monitor for new messages.",
      optional: true,
    },
    // eslint-disable-next-line pipedream/props-description,pipedream/props-label
    slackApphook: {
      type: "$.interface.apphook",
      appProp: "slack",
      async eventNames() {
        return this.conversations || [
          "message",
        ];
      },
    },
    resolveNames: {
      propDefinition: [
        common.props.slack,
        "resolveNames",
      ],
    },
    ignoreBot: {
      propDefinition: [
        common.props.slack,
        "ignoreBot",
      ],
    },
    ignoreThreads: {
      type: "boolean",
      label: "Ignore replies in threads",
      description: "Ignore replies to messages in threads",
      optional: true,
    },
  },
  methods: {
    ...common.methods,
    getSummary() {
      return "New message in channel";
    },
    async processEvent(event) {
      if (event.type !== "message") {
        console.log(`Ignoring event with unexpected type "${event.type}"`);
        return;
      }
      if (event.subtype && !constants.ALLOWED_MESSAGE_IN_CHANNEL_SUBTYPES.includes(event.subtype)) {
        // This source is designed to just emit an event for each new message received.
        // Due to inconsistencies with the shape of message_changed and message_deleted
        // events, we are ignoring them for now. If you want to handle these types of
        // events, feel free to change this code!!
        console.log("Ignoring message with subtype.");
        return;
      }
      if ((this.ignoreBot) && (event.subtype == "bot_message" || event.bot_id)) {
        return;
      }
      // There is no thread message type only the thread_ts field
      // indicates if the message is part of a thread in the event.
      if (this.ignoreThreads && event.thread_ts) {
        console.log("Ignoring reply in thread");
        return;
      }
      if (this.resolveNames) {
        if (event.user) {
          event.user_id = event.user;
          event.user = await this.getUserName(event.user);
        } else if (event.bot_id) {
          event.bot = await this.getBotName(event.bot_id);
        }
        event.channel_id = event.channel;
        event.channel = await this.getConversationName(event.channel);
        if (event.team) {
          event.team_id = event.team;
          event.team = await this.getTeamName(event.team);
        }
      }
      return event;
    },
  },
  sampleEmit,
};

Trigger Configuration

This component may be configured based on the props defined in the component code. Pipedream automatically prompts for input values in the UI and CLI.
LabelPropTypeDescription
SlackslackappThis component uses the Slack app.
N/Adb$.service.dbThis component uses $.service.db to maintain state between executions.
Channelsconversationsstring[]Select a value from the drop down menu.
slackApphook$.interface.apphook
Resolve NamesresolveNamesboolean

Instead of returning channel, team, and user as IDs, return their human-readable names.

Ignore BotsignoreBotboolean

Ignore messages from bots

Ignore replies in threadsignoreThreadsboolean

Ignore replies to messages in threads

Trigger Authentication

Slack uses OAuth authentication. When you connect your Slack account, Pipedream will open a popup window where you can sign into Slack and grant Pipedream permission to connect to your account. Pipedream securely stores and automatically refreshes the OAuth tokens so you can easily authenticate any Slack API.

Pipedream requests the following authorization scopes when you connect your account:

bookmarks:writecalls:readcalls:writechannels:historychannels:readchannels:writednd:readdnd:writeemoji:readfiles:readgroups:historygroups:readgroups:writeim:historyim:readim:writelinks:readlinks:writempim:historympim:readmpim:writepins:readpins:writereactions:readreactions:writereminders:readreminders:writeremote_files:readremote_files:sharestars:readstars:writeteam:readusergroups:readusergroups:writeusers:readusers:read.emailusers:writechat:write:botchat:write:usercommandsfiles:write:userusers.profile:writeusers.profile:readsearch:read

About Slack

Slack is a channel-based messaging platform. With Slack, people can work together more effectively, connect all their software tools and services, and find the information they need to do their best work — all within a secure, enterprise-grade environment.

Action

Description:Returns a list of findings for a specified deployment. [See the documentation](https://semgrep.dev/api/v1/docs/#tag/finding/operation/semgrep_app.core_exp.findings.handlers.issue.openapi_list_recent_issues)
Version:0.0.1
Key:semgrep-get-findings

Semgrep Overview

The Semgrep API enables developers to integrate powerful static code analysis within their workflows on Pipedream. Semgrep scans codebases for bugs, security issues, and code standards, making it a vital tool for maintaining code quality. On Pipedream, you can automate code reviews, enforce coding standards, and trigger alerts or actions based on scan results. By connecting Semgrep to Pipedream, you can streamline your CI/CD pipelines, notify teams of critical issues, and even auto-fix problems under certain conditions.

Action Code

import semgrep from "../../semgrep.app.mjs";

export default {
  key: "semgrep-get-findings",
  name: "Get Findings",
  description: "Returns a list of findings for a specified deployment. [See the documentation](https://semgrep.dev/api/v1/docs/#tag/finding/operation/semgrep_app.core_exp.findings.handlers.issue.openapi_list_recent_issues)",
  version: "0.0.1",
  type: "action",
  props: {
    semgrep,
    deploymentSlug: {
      propDefinition: [
        semgrep,
        "deploymentSlug",
      ],
    },
  },
  async run({ $ }) {
    const response = await this.semgrep.listFindings({
      $,
      deploymentSlug: this.deploymentSlug,
    });

    $.export("$summary", `Retrieved ${response.findings.length} findings for deployment \`${this.deploymentSlug}\``);

    return response;
  },
};

Action Configuration

This component may be configured based on the props defined in the component code. Pipedream automatically prompts for input values in the UI.

LabelPropTypeDescription
SemgrepsemgrepappThis component uses the Semgrep app.
Deployment SlugdeploymentSlugstringSelect a value from the drop down menu.

Action Authentication

Semgrep uses API keys for authentication. When you connect your Semgrep account, Pipedream securely stores the keys so you can easily authenticate to Semgrep APIs in both code and no-code steps.

About Semgrep

A fast, open-source, static analysis tool for profoundly improving software security and reliability.

More Ways to Connect Semgrep + Slack

Get Deployments with Semgrep API on New Star Added To Message (Instant) from Slack API
Slack + Semgrep
 
Try it
Get Findings with Semgrep API on New Star Added To Message (Instant) from Slack API
Slack + Semgrep
 
Try it
Get Projects with Semgrep API on New Star Added To Message (Instant) from Slack API
Slack + Semgrep
 
Try it
Update Project with Semgrep API on New Star Added To Message (Instant) from Slack API
Slack + Semgrep
 
Try it
Get Findings with Semgrep API on New Direct Message (Instant) from Slack API
Slack + Semgrep
 
Try it
New Message In Channels (Instant) from the Slack API

Emit new event when a new message is posted to one or more channels

 
Try it
New Channel Created (Instant) from the Slack API

Emit new event when a new channel is created.

 
Try it
New Direct Message (Instant) from the Slack API

Emit new event when a message was posted in a direct message channel

 
Try it
New Interaction Events (Instant) from the Slack API

Emit new events on new Slack interactivity events sourced from Block Kit interactive elements, Slash commands, or Shortcuts.

 
Try it
New Keyword Mention (Instant) from the Slack API

Emit new event when a specific keyword is mentioned in a channel

 
Try it
Send Message with the Slack API

Send a message to a user, group, private channel or public channel. See the documentation

 
Try it
Build and Send a Block Kit Message with the Slack API

Configure custom blocks and send to a channel, group, or user. See the documentation.

 
Try it
Reply to a Message Thread with the Slack API

Send a message as a threaded reply. See postMessage or scheduleMessage docs here

 
Try it
Add Emoji Reaction with the Slack API

Add an emoji reaction to a message. See the documentation

 
Try it
Archive Channel with the Slack API

Archive a channel. See the documentation

 
Try it

Explore Other Apps

1
-
24
of
2,200+
apps by most popular

HTTP / Webhook
HTTP / Webhook
Get a unique URL where you can send HTTP or webhook requests
Node
Node
Anything you can do with Node.js, you can do in a Pipedream workflow. This includes using most of npm's 400,000+ packages.
Python
Python
Anything you can do in Python can be done in a Pipedream Workflow. This includes using any of the 350,000+ PyPi packages available in your Python powered workflows.
OpenAI (ChatGPT)
OpenAI (ChatGPT)
OpenAI is an AI research and deployment company with the mission to ensure that artificial general intelligence benefits all of humanity. They are the makers of popular models like ChatGPT, DALL-E, and Whisper.
Premium
Salesforce
Salesforce
Web services API for interacting with Salesforce
Premium
HubSpot
HubSpot
HubSpot's CRM platform contains the marketing, sales, service, operations, and website-building software you need to grow your business.
Premium
Zoho CRM
Zoho CRM
Zoho CRM is an online Sales CRM software that manages your sales, marketing, and support in one CRM platform.
Premium
Stripe
Stripe
Stripe powers online and in-person payment processing and financial solutions for businesses of all sizes.
Shopify
Shopify
Shopify is a complete commerce platform that lets anyone start, manage, and grow a business. You can use Shopify to build an online store, manage sales, market to customers, and accept payments in digital and physical locations.
Premium
WooCommerce
WooCommerce
WooCommerce is the open-source ecommerce platform for WordPress.
Premium
Snowflake
Snowflake
A data warehouse built for the cloud
Premium
MongoDB
MongoDB
MongoDB is an open source NoSQL database management program.
Supabase
Supabase
Supabase is an open source Firebase alternative.
MySQL
MySQL
MySQL is an open-source relational database management system.
PostgreSQL
PostgreSQL
PostgreSQL is a free and open-source relational database management system emphasizing extensibility and SQL compliance.
Premium
AWS
AWS
Amazon Web Services (AWS) offers reliable, scalable, and inexpensive cloud computing services.
Premium
Twilio SendGrid
Twilio SendGrid
Send marketing and transactional email through the Twilio SendGrid platform with the Email API, proprietary mail transfer agent, and infrastructure for scalable delivery.
Amazon SES
Amazon SES
Amazon SES is a cloud-based email service provider that can integrate into any application for high volume email automation
Premium
Klaviyo
Klaviyo
Email Marketing and SMS Marketing Platform
Premium
Zendesk
Zendesk
Zendesk is award-winning customer service software trusted by 200K+ customers. Make customers happy via text, mobile, phone, email, live chat, social media.
Notion
Notion
Notion is a new tool that blends your everyday work apps into one. It's the all-in-one workspace for you and your team.
Slack
Slack
Slack is a channel-based messaging platform. With Slack, people can work together more effectively, connect all their software tools and services, and find the information they need to do their best work — all within a secure, enterprise-grade environment.
Microsoft Teams
Microsoft Teams
Microsoft Teams has communities, events, chats, channels, meetings, storage, tasks, and calendars in one place.
Schedule
Schedule
Trigger workflows on an interval or cron schedule.