Post a recap of every PR RepoWarden merged, every CVE it patched, and every CI failure it auto-fixed straight into your team's Slack or Teams channel — daily or weekly, in your local time.
Every digest is one rich message — a header, a 2-line summary, a time-saved estimate, the top highlights linked to their PRs, any looming runtime EoL warnings, and two action buttons.
Time and value estimates use the same per-task benchmarks as the in-PR savings comment — 30 min per dependency update, 45 min per CI fix, 60 min per security fix, at $75/h fully-loaded engineer cost.
RepoWarden uses an incoming webhook — no OAuth flow, no bot to install. The setup is one form on Slack and one form on RepoWarden.
In Slack, open Apps → Incoming Webhooks → Add to Slack. Choose the channel that should receive digests (e.g. #engineering) and confirm.
Slack returns a Webhook URL that looks like https://hooks.slack.com/services/T…/B…/…. That URL is the secret — anyone holding it can post to the channel.
Go to Team settings → Notifications, click Add digest, and paste the URL. Pick:
The fan-out cron evaluates every schedule on the hour. The first time your slot ticks, the digest posts. Quiet weeks (zero PRs merged, nothing in review, no EoL warnings) stay silent — we'd rather show up when there's value than train your team to mute the channel.
All settings UI actions hit the same /api/notifications/digests endpoint. Authenticate with the session cookie + X-Team-Id header you'd use elsewhere.
curl -X POST https://api.repowarden.dev/api/notifications/digests \
-H "Content-Type: application/json" \
-H "X-Team-Id: <your-team-id>" \
--cookie "<session-cookie>" \
-d '{
"channel": "slack",
"webhookUrl": "https://hooks.slack.com/services/T000/B000/XXX",
"label": "#engineering",
"frequency": "weekly",
"dayOfWeek": 5,
"hourLocal": 9,
"timezone": "America/Los_Angeles",
"scope": "all"
}'dayOfWeek is 0–6 (Sun–Sat). hourLocal is 0–23 in timezone (any IANA name). Webhook URLs must be HTTPS; we reject localhost and *.local hosts.
Microsoft retired the legacy Office 365 Connectors in 2025, so we post via a Workflow webhook. The setup is fiddlier than Slack's once and then forgettable forever.
In the Teams desktop app, open Workflows from the side rail and search for the template “Post to a channel when a webhook request is received”. Pick the team and channel that should receive digests, then click Add workflow.
Microsoft generates a long URL ending in /triggers/manual/paths/invoke?…. Copy it — that's your webhook URL.
Same Notifications settings page — pick Microsoft Teams as the channel and paste the URL.
We render an Adaptive Card 1.4 — a header, the same FactSet of time/value, linked highlights, and OpenUrl actions. If your tenant blocks Adaptive Cards (rare), Teams will fall back to the message-card text.
curl -X POST https://api.repowarden.dev/api/notifications/digests \
-H "Content-Type: application/json" \
-H "X-Team-Id: <your-team-id>" \
--cookie "<session-cookie>" \
-d '{
"channel": "teams",
"webhookUrl": "https://prod-00.westus.logic.azure.com:443/workflows/.../triggers/.../paths/invoke",
"label": "Platform team",
"frequency": "daily",
"hourLocal": 8,
"timezone": "Europe/London",
"scope": "specific",
"repoIds": ["repo-id-1", "repo-id-2"]
}'scope: "specific" + repoIds lets one team route different repos to different Teams channels.
Email is the path of least resistance — every team starts with a default Monday 14:00 UTC weekly report sent to opted-in members. No setup needed.
email-channel digest schedule the same way you'd add Slack — leave the webhook URL blank, RepoWarden fans the message out to opted-in team members.The button on every digest links to a snooze handler that bumps the schedule's snoozedUntil to now + 7d. Members can snooze; only owners and admins can edit or delete a schedule.
Add as many digest schedules as you need — one Slack channel for #frontend, another for #platform, an email digest to your manager. Each has its own scope, time, and snooze state.
If zero PRs merged, nothing is in review, and there are no looming EoL warnings, we don't post. The schedule still records the slot so the next tick doesn't fire twice.
Slack and Teams APIs flake. We retry up to 3 times with exponential backoff on 5xx and 429s. 4xx responses (bad URL, unauthorised) short-circuit so we don't waste budget — fix the URL and the next slot will deliver.
curl -X POST https://api.repowarden.dev/api/notifications/digests/<id>/snooze \
-H "Content-Type: application/json" \
-H "X-Team-Id: <your-team-id>" \
--cookie "<session-cookie>" \
-d '{ "weeks": 1 }'weeks is clamped to 1–12. Pass an empty body to default to 1 week.
PRs merged, dependencies updated, CI fixes shipped, security advisories patched, and tasks still awaiting human review.
Engineer-minutes saved across the window, multiplied by a $75/h fully-loaded rate. Same numbers as the in-PR comment so they don't drift.
Up to 5 merged tasks, security-first ordered, each linking to its PR with the repo name and any severity tag inline.
Runtime EoL records (Node, Python, Go, …) that bite within 60 days, scoped to runtimes you actually use.
“View full report” deep-links to the dashboard with team SSO context preserved. “Snooze 1 week” links to the snooze handler.