Calculates repo health status based on vulnerabilities and dependencies
This project calculates the health status of a repo using the GitHub API.
health status = number of dependencies / summation(number of vulnerabilities * severity score)
severity score dictionary = {'critical': 1, 'high': 0.8, 'moderate': 0.5, 'minor': 0.1}
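
The formula above as a small Python function, added here as an illustration and not taken from the project's code. The function names, the `None` return when there are no vulnerabilities, and the sample inputs are assumptions of this example.

```python
from collections import Counter

# Severity weights copied from the README's severity score dictionary.
SEVERITY_SCORE = {"critical": 1, "high": 0.8, "moderate": 0.5, "minor": 0.1}


def weighted_vulnerability_sum(severities):
    """Sum of (number of vulnerabilities * severity score) over each severity."""
    counts = Counter(s.strip().lower() for s in severities)
    unknown = set(counts) - set(SEVERITY_SCORE)
    if unknown:
        # Fail loudly rather than silently scoring an unrecognised label as 0.
        raise ValueError(f"unknown severity label(s): {sorted(unknown)}")
    return sum(n * SEVERITY_SCORE[label] for label, n in counts.items())


def health_status(num_dependencies, severities):
    """README formula: dependencies / sum(vulnerabilities * severity score).

    Returns None when there are no vulnerabilities, because the ratio is
    undefined there (assumption of this sketch, not the project's behaviour).
    """
    if num_dependencies < 0:
        raise ValueError("num_dependencies must be non-negative")
    denominator = weighted_vulnerability_sum(severities)
    if denominator == 0:
        return None
    return num_dependencies / denominator


# Constructed sample inputs, not data from any of the repositories listed.
SAMPLES = {
    "one minor finding": (18, ["minor"]),
    "mixed findings": (40, ["critical", "high", "high", "moderate"]),
    "no findings": (25, []),
}

if __name__ == "__main__":
    for name, (deps, sevs) in SAMPLES.items():
        print(f"{name}: {health_status(deps, sevs)}")
```

With these weights a larger value means fewer weighted vulnerabilities per dependency, and one critical finding counts as much as ten minor ones.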
- Clone repo and open in IDE of choice
- Generate a GitHub personal access token (classic)
  Token should at least have admin:public_key scope
- Create a file named access_token.yaml and store your token in it.
  File should look like this:

      ---
      token : 'yourToken'

- Add token and update repo and branch targets in configuration file
- Open the terminal and run docker compose up
- Run docker exec health_status_calculator-app-1 python /code/api/pass_data.py or go to http://127.0.0.1:8000/docs
Update pass_data or use http://127.0.0.1:8000/docs
owner : brave
repo : brave-browser

base : master
head : 0.72.x
health_status = 0.036630036630036625

base : master
head : 1.50.x
health_status = 0

owner : spring-projects
repo : spring-framework

base : 3.0.x
head : 3.1.x
health_status = 0.0006205450990727045

base : main
head : 5.3.x
health_status = 0

owner : hibernate
repo : hibernate-reactive

base : 1.0
head : 1.1
health_status = 0

base : main
head : 1.1
health_status = 0

owner : fastify
repo : fastify

base : 1.x
head : 2.x
health_status = 180.0

base : main
head : fix-log-test-node-v16
health_status = 0

owner : expressjs
repo : express

base : benchmark
head : triage
health_status = 0.15624999999999994

base : master
head : develop
health_status = 0