npmpackage.info

@backstage/backend-plugin-api

Backstage is an open framework for building developer portals

1.1.0

28,903

Apache-2.0

TypeScript

214.83 kB

13,757,912 6.3

Installations

npm install @backstage/backend-plugin-api

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM

Pull Requests

Open

111

Total

20,661

Closed

3,168

Merged

17,382

Issues

Open

359

Total

6,395

Closed

6,036

Releases

396

v1.34.2

Published on 24 Dec 2024

v1.35.0-next.0

Published on 24 Dec 2024

v1.34.1

Published on 20 Dec 2024

v1.34.0

Published on 17 Dec 2024

v1.33.6

Published on 12 Dec 2024

v1.34.0-next.2

Published on 10 Dec 2024

View all 396 releases

Contributors

1,622

View all 1,622 contributors

Languages

TypeScript

MDX

JavaScript

CSS

Handlebars

Mustache

HTML

Dockerfile

SCSS

Shell

Makefile

HCL

PowerShell

TypeScript (94.69%)

MDX (2.11%)

JavaScript (1.92%)

CSS (0.73%)

Handlebars (0.22%)

Mustache (0.11%)

HTML (0.05%)

Dockerfile (0.05%)

SCSS (0.05%)

Shell (0.03%)

Makefile (0.03%)

HCL (0.01%)

Developer

backstage

Download Statistics

Total Downloads

13,757,912

Last Day

8,185

Last Week

134,663

Last Month

2,306,927

Last Year

9,791,955

GitHub Statistics

28,903 Stars

61,395 Commits

6,125 Forks

233 Watching

514 Branches

1,622 Contributors

Maintainers

Package Meta Information

Latest Version

1.1.0

Package Id

@backstage/backend-plugin-api@1.1.0

Unpacked Size

214.83 kB

Size

41.69 kB

File Count

Publised On

17 Dec 2024

Total Downloads

Cumulative downloads

Total Downloads

13,757,912

Last day

-80.6%

8,185

Compared to previous day

Last week

-39.6%

134,663

Compared to previous week

Last month

24.2%

2,306,927

Compared to previous month

Last year

174.2%

9,791,955

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@backstage/cli-common @backstage/config @backstage/errors @backstage/plugin-auth-node @backstage/plugin-permission-common @backstage/types @types/express @types/luxon knex luxon

Dev Dependencies

@backstage/backend-test-utils @backstage/cli

Versions

Backstage

English | 한국어 | 中文版 | Français

What is Backstage?

Backstage is an open source framework for building developer portals. Powered by a centralized software catalog, Backstage restores order to your microservices and infrastructure and enables your product teams to ship high-quality code quickly without compromising autonomy.

Backstage unifies all your infrastructure tooling, services, and documentation to create a streamlined development environment from end to end.

software-catalog

Out of the box, Backstage includes:

Backstage Software Catalog for managing all your software such as microservices, libraries, data pipelines, websites, and ML models
Backstage Software Templates for quickly spinning up new projects and standardizing your tooling with your organization’s best practices
Backstage TechDocs for making it easy to create, maintain, find, and use technical documentation, using a "docs like code" approach
Plus, a growing ecosystem of open source plugins that further expand Backstage’s customizability and functionality

Backstage was created by Spotify but is now hosted by the Cloud Native Computing Foundation (CNCF) as an Incubation level project. For more information, see the announcement.

Project roadmap

For information about the detailed project roadmap including delivered milestones, see the Roadmap.

Getting Started

To start using Backstage, see the Getting Started documentation.

Documentation

The documentation of Backstage includes:

Community

To engage with our community, you can use the following resources:

Discord chatroom - Get support or discuss the project
Contributing to Backstage - Start here if you want to contribute
RFCs - Help shape the technical direction
FAQ - Frequently Asked Questions
Code of Conduct - This is how we roll
Adopters - Companies already using Backstage
Blog - Announcements and updates
Newsletter - Subscribe to our email newsletter
Backstage Community Sessions - Join monthly meetups and explore Backstage community
Give us a star ⭐️ - If you are using Backstage or think it is an interesting project, we would love a star ❤️

Governance

See the GOVERNANCE.md document in the backstage/community repository.

License

Copyright 2020-2024 © The Backstage Authors. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page: https://www.linuxfoundation.org/trademark-usage

Licensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0

Security

Please report sensitive security issues using Spotify's bug-bounty program rather than GitHub.

For further details, see our complete security release process.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

CI-Tests

Determines if the project runs tests before pull requests are merged.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Contributors

Determines if the project has a set of contributors from multiple organizations (e.g., companies).

10

Dependency-Update-Tool

Determines if the project uses a dependency update tool.

10

License

Determines if the project has defined a license.

10

Maintained

Determines if the project is "actively maintained".

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

10

SAST

Determines if the project uses static code analysis.

10

Security-Policy

Determines if the project has published a security policy.

8

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 8

Details

Warn: containerImage not pinned by hash: contrib/.devcontainer/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/devcontainers/typescript-node:20 to mcr.microsoft.com/devcontainers/typescript-node:20@sha256:6a200731ff2e66af7d342c8118f989822e81ab98c2ad2e5c180fa308d057e395
Warn: containerImage not pinned by hash: contrib/docker/devops/Dockerfile:3
Warn: containerImage not pinned by hash: contrib/docker/frontend-with-nginx/Dockerfile.dockerbuild:38
Warn: containerImage not pinned by hash: contrib/docker/frontend-with-nginx/Dockerfile.dockerbuild:49: pin your Docker image by updating nginx:mainline to nginx:mainline@sha256:42e917aaa1b5bb40dd0f6f7f4f857490ac7747d7ef73b391c774a41a8b994f15
Warn: containerImage not pinned by hash: contrib/docker/frontend-with-nginx/Dockerfile.hostbuild:30: pin your Docker image by updating nginx:mainline to nginx:mainline@sha256:42e917aaa1b5bb40dd0f6f7f4f857490ac7747d7ef73b391c774a41a8b994f15
Warn: containerImage not pinned by hash: contrib/docker/minimal-hardened-image/Dockerfile:15
Warn: containerImage not pinned by hash: contrib/docker/minimal-hardened-image/Dockerfile:24
Warn: containerImage not pinned by hash: contrib/docker/minimal-hardened-image/Dockerfile:53: pin your Docker image by updating cgr.dev/chainguard/wolfi-base:latest to cgr.dev/chainguard/wolfi-base:latest@sha256:3b271f8bff9356a38aa23118ffdea3c0d659f39e207feedacf01bdea4b900871
Warn: containerImage not pinned by hash: packages/backend/Dockerfile:12: pin your Docker image by updating node:20-bookworm-slim to node:20-bookworm-slim@sha256:26b32b462c9b8b255829fb7dbf0dff52956ab6ecfcd967d89d2647d78e698e75
Warn: containerImage not pinned by hash: packages/create-app/templates/default-app/packages/backend/Dockerfile:12: pin your Docker image by updating node:20-bookworm-slim to node:20-bookworm-slim@sha256:26b32b462c9b8b255829fb7dbf0dff52956ab6ecfcd967d89d2647d78e698e75
Warn: containerImage not pinned by hash: plugins/scaffolder-backend-module-rails/Rails.dockerfile:1: pin your Docker image by updating ruby:3.3 to ruby:3.3@sha256:9d4892f485258e6ecb8780f5dee379adc9b0430d69194f21dcc1917a5f1911e9
Warn: containerImage not pinned by hash: plugins/scaffolder-backend/scripts/Cookiecutter.dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45
Warn: pipCommand not pinned by hash: contrib/docker/minimal-hardened-image/Dockerfile:19-21
Warn: pipCommand not pinned by hash: packages/backend/Dockerfile:29
Warn: pipCommand not pinned by hash: plugins/scaffolder-backend/scripts/Cookiecutter.dockerfile:3-11
Warn: pipCommand not pinned by hash: contrib/.devcontainer/postCreate.sh:6
Warn: downloadThenRun not pinned by hash: .github/workflows/automate_merge_message.yml:44
Warn: downloadThenRun not pinned by hash: .github/workflows/sync_release-manifest.yml:54
Warn: pipCommand not pinned by hash: .github/workflows/verify_e2e-techdocs.yml:56
Warn: downloadThenRun not pinned by hash: .github/workflows/verify_fossa.yml:26
Warn: pipCommand not pinned by hash: .github/workflows/verify_microsite.yml:43
Info: 85 out of 85 GitHub-owned GitHubAction dependencies pinned
Info: 84 out of 84 third-party GitHubAction dependencies pinned
Info: 0 out of 12 containerImage dependencies pinned
Info: 0 out of 6 pipCommand dependencies pinned
Info: 0 out of 3 downloadThenRun dependencies pinned

2

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

0

Fuzzing

Determines if the project uses fuzzing.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Info: jobLevel 'actions' permission set to 'read': .github/workflows/api-breaking-changes-comment.yml:18
Info: jobLevel 'contents' permission set to 'read': .github/workflows/api-breaking-changes-comment.yml:88
Info: jobLevel 'contents' permission set to 'read': .github/workflows/automate_area-labels.yml:11
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/deploy_microsite.yml:142
Info: jobLevel 'contents' permission set to 'read': .github/workflows/issue.yaml:12
Info: jobLevel 'contents' permission set to 'read': .github/workflows/sync_snyk-monitor.yml:23
Info: jobLevel 'contents' permission set to 'read': .github/workflows/verify_codeql.yml:29
Info: jobLevel 'actions' permission set to 'read': .github/workflows/verify_codeql.yml:28
Warn: no topLevel permission defined: .github/workflows/api-breaking-changes-comment.yml:1
Warn: no topLevel permission defined: .github/workflows/api-breaking-changes.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/automate_area-labels.yml:6
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:8
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:11
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:15
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:16
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:17
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:9
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:10
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:12
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:13
Info: found token with 'none' permissions: .github/workflows/automate_changeset_feedback.yml:14
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:17
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:18
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:9
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:10
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:11
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:12
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:14
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:16
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:13
Info: found token with 'none' permissions: .github/workflows/automate_merge_message.yml:15
Info: topLevel 'contents' permission set to 'read': .github/workflows/automate_stale.yml:8
Info: topLevel 'contents' permission set to 'read': .github/workflows/ci-noop.yml:12
Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Warn: no topLevel permission defined: .github/workflows/cron.yml:1
Warn: no topLevel permission defined: .github/workflows/deploy_docker-image.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy_microsite.yml:8
Warn: no topLevel permission defined: .github/workflows/deploy_packages.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/issue.yaml:7
Info: topLevel 'contents' permission set to 'read': .github/workflows/pr-review-comment-trigger.yaml:11
Warn: no topLevel permission defined: .github/workflows/pr-review-comment.yaml:1
Warn: no topLevel permission defined: .github/workflows/pr.yaml:1
Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
Warn: no topLevel permission defined: .github/workflows/sync_canon.yml:1
Warn: no topLevel permission defined: .github/workflows/sync_code-formatting.yml:1
Warn: no topLevel permission defined: .github/workflows/sync_dependabot-changesets.yml:1
Warn: no topLevel permission defined: .github/workflows/sync_release-manifest.yml:1
Warn: no topLevel permission defined: .github/workflows/sync_renovate-changesets.yml:1
Warn: no topLevel permission defined: .github/workflows/sync_snyk-github-issues.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/sync_snyk-monitor.yml:18
Warn: no topLevel permission defined: .github/workflows/sync_version-packages.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_accessibility-noop.yml:21
Warn: no topLevel permission defined: .github/workflows/verify_accessibility.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_codeql.yml:23
Warn: no topLevel permission defined: .github/workflows/verify_docs-quality.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_e2e-linux-noop.yml:19
Warn: no topLevel permission defined: .github/workflows/verify_e2e-linux.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_e2e-techdocs.yml:18
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_e2e-windows-noop.yml:15
Warn: no topLevel permission defined: .github/workflows/verify_e2e-windows.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_fossa.yml:9
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_microsite-noop.yml:15
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_microsite.yml:13
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_microsite_accessibility-noop.yml:19
Warn: no topLevel permission defined: .github/workflows/verify_microsite_accessibility.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_storybook-noop.yml:22
Warn: no topLevel permission defined: .github/workflows/verify_storybook.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/verify_windows.yml:11

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

6.3

/10

Last Scanned on 2024-12-25T09:06:13Z

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @backstage/backend-plugin-api

@solace-labs/backstage-plugin-ep-devp-event-api-products-backend

1.0.1

> :warning: **experimental**

@frontside/backstage-plugin-humanitec-backend

0.3.17

`@frontside/backstage-plugin-humanitec-backend` is a plugin for the Backstage backend app. It provides a route that `@frontside/backstage-plugin-humanitec` will use to connect to Humanitec API and scaffolder actions.

@solace-labs/backstage-plugin-ep-devp-consumer-apps-backend

1.0.1

> :warning: **experimental**

@solace-labs/backstage-plugin-ep-devp-manage-apps-backend

1.0.3

> :warning: **experimental**