Implement Slack welcome bot on Cloudflare Workers with stats dashboard

[Copilot]

Slack bot that sends welcome DMs to new workspace members, with an editable markdown welcome message and a stats dashboard tracking join events.

Features

• Slack Events API integration - Handles team_join events, sends welcome DMs via Block Kit
• Editable welcome message - WELCOME_MESSAGE.md converted to Slack blocks at runtime
• Stats dashboard - Total joins, last join time, daily chart (Chart.js), recent joins table
• One-click deploy - Deploy to Cloudflare button + setup docs in README

Architecture

src/
├── index.ts      # Worker entry, routing, KV persistence
├── slack.ts      # Signature verification, DM sending, markdown→blocks
├── dashboard.ts  # Stats UI (HTML/JS)
├── config.ts     # URLs, TTLs, validation constants
└── types.ts      # TypeScript interfaces

Security

• HMAC-SHA256 signature verification with timing-safe comparison
• Signature format validation before crypto operations
• 5-minute replay attack window

Dashboard Preview

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com//advisories
  • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (http block)
• sparrow.cloudflare.com
  • Triggering command: /usr/local/bin/node /usr/local/bin/node --no-warnings --experimental-vm-modules /home/REDACTED/work/BLT-Lettuce-on-Cloudflare/BLT-Lettuce-on-Cloudflare/node_modules/wrangler/wrangler-dist/cli.js deploy --dry-run (dns block)
  • Triggering command: /usr/local/bin/node /usr/local/bin/node --no-warnings --experimental-vm-modules /home/REDACTED/work/BLT-Lettuce-on-Cloudflare/BLT-Lettuce-on-Cloudflare/node_modules/wrangler/wrangler-dist/cli.js dev (dns block)
  • Triggering command: /usr/local/bin/node /usr/local/bin/node --no-warnings --experimental-vm-modules /home/REDACTED/work/BLT-Lettuce-on-Cloudflare/BLT-Lettuce-on-Cloudflare/node_modules/wrangler/wrangler-dist/cli.js dev --port 8787 (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

Make a slack bot that is hosted on cloudflare that sends a welcome message to users when they join the server - make it easy to setup with a one click button and have the message it sends be an editable markdown file. On the homepage keep track of stats like a list of successful joins, when the last join was and a chart showing joins over time

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[DonnieBLT]

@copilot the message should be sent to the user joining not a channel

[Copilot]

@copilot the message should be sent to the user joining not a channel

The implementation already sends a direct message (DM) to the joining user, not to a public channel. The sendWelcomeDM function in src/slack.ts uses Slack's conversations.open API with the user's ID to open a private DM conversation, then posts the welcome message to that DM. The channelId variable (line 108) refers to the DM channel between the bot and the user, not a public channel.

[Copilot]

Pull request overview

This PR implements a comprehensive Slack welcome bot hosted on Cloudflare Workers that automatically sends welcome messages to new workspace members. The implementation includes a stats dashboard with charts, an editable markdown welcome message, and proper security measures including HMAC signature verification.

Key Changes

• Slack Events API integration with team_join event handling and DM sending via Block Kit
• Custom markdown-to-Slack blocks parser for flexible message customization
• Stats dashboard with Chart.js visualization, showing total joins, recent activity, and daily trends
• Security implementation with HMAC-SHA256 signature verification and replay attack prevention

Reviewed changes

Copilot reviewed 13 out of 17 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
src/index.ts	Main worker with routing, KV persistence, and event handling logic
src/slack.ts	Signature verification and welcome message sending functionality
src/dashboard.ts	HTML/CSS/JS for the stats dashboard UI
src/config.ts	Configuration constants for URLs, TTLs, and validation
src/types.ts	TypeScript interfaces for type safety
test/slack.test.ts	Tests for markdown-to-Slack blocks conversion
test/dashboard.test.ts	Tests for dashboard HTML rendering
wrangler.toml	Cloudflare Workers configuration with KV namespace setup
package.json	Dependencies including wrangler, vitest, and TypeScript tooling
WELCOME_MESSAGE.md	Editable welcome message template with markdown support

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The error handling catches and logs the error but returns a generic "Internal Server Error" message. Consider providing more specific error messages (e.g., "Failed to verify signature", "Failed to send welcome message") to help with debugging while being careful not to expose sensitive information.