Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mapping existing API calls to Ecosyte.ms API #313

Open
lirantal opened this issue Jul 30, 2024 · 0 comments
Open

Mapping existing API calls to Ecosyte.ms API #313

lirantal opened this issue Jul 30, 2024 · 0 comments
Assignees
@lirantal
Labels
documentation

Comments

@lirantal
Copy link
Owner

lirantal commented Jul 30, 2024
edited
Loading

Marshall / Capability Existing API Fields Ecosyte.ms API Fields Notes
Age: package maturity on registry http://registry.npmjs.org/<package> time, time.created https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/safe-regex2
created_at Compares the time the package was created to the time the requested package version to install was created
Author http://registry.npmjs.org/<package-name> versions[packageVersion]._npmUser, versions[packageVersion]._npmUser.email, is the email valid? TBD TBD Author exists? is it the first time they published it? Core capability is identifying author information for the person who published a package@version
Downloads count https://api.npmjs.org/downloads/point/last-month/<package> TBD https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/safe-regex2 downloads and downloads_period set to last-month being monthly None
README http://registry.npmjs.org/<package> readme https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/safe-regex2 repo_metadata.metadata.files.readme and repo_metadata.html_url for the repository URL None
Repo http://registry.npmjs.org/<package> versions, dist-tags.latest https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/safe-regex2 repository_url Verifies a source code repository exists for this package as part of the
Scripts http://registry.npmjs.org/<package> versions[<version>].scripts TBD TBD Checks whether run-scripts are defined for this package
Snyk https://snyk.io/api/v1/vuln/npm, https://snyk.io/test/npm and https://snyk.io/vuln/npm: TBD Not required Not required Continue to depend on Snyk APIs
License http://registry.npmjs.org/<package> license TBD TBD Ensure a license is specified for this package
Expired domains http://registry.npmjs.org/<package> TBD TBD TBD See notes about for identifying author information and use that to extract email addresses and test them for expiration. Emails are tested by resolving the email DNS records
Signatures uses pacote dependency None TBD TBD Ensures npm keys are matched for package
Provenance uses pacote dependency None TBD TBD None

Enriching with more metadata from Ecosyste.ms that we can integrate with:

  • Package data (https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/safe-regex2) has:
    • rankings for downloads ratios, dependent_packages_count
    • deprecated shows up in status field either null (not deprecated) or set to deprecated string
    • maintainers key has a list of maintainer objects with their uuid, login, email and also packages_count as well as created_at
@lirantal lirantal self-assigned this Jul 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lirantal lirantal

Labels
documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lirantal