Gathering detailed insights and metrics for @suin/esa-api
Gathering detailed insights and metrics for @suin/esa-api
Installations
npm install @suin/esa-apiDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
20.7.0
NPM Version
10.1.0
Score
76.4
Supply Chain
98.3
Quality
75.4
Maintenance
100
Vulnerability
100
License
Releases
12
Contributors
2
Unable to fetch Contributors
Languages
2
TypeScript
Shell
TypeScript (99.6%)
Shell (0.4%)
Developer
suin
Download Statistics
Total Downloads
7,814
Last Day
1
Last Week
191
Last Month
1,149
Last Year
4,370
GitHub Statistics
8 Stars
36 Commits
3 Watching
10 Branches
2 Contributors
Bundle Size
120.19 kB
Minified
21.22 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
4.0.1
Package Id
@suin/esa-api@4.0.1
Unpacked Size
1.30 MB
Size
109.28 kB
File Count
298
NPM Version
10.1.0
Node Version
20.7.0
Publised On
20 Sept 2023
Total Downloads
Cumulative downloads
Total Downloads
7,814
Last day
-93.8%
1
Compared to previous day
Last week
-20.7%
191
Compared to previous week
Last month
-35.6%
1,149
Compared to previous month
Last year
402.9%
4,370
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Versions
@suin/esa-api
esa.io API のクライアントライブラリ。
特徴
- すべてのエンドポイントに対応しています。
- esa API の OpenAPI 仕様書から生成したクライアントライブラリをベースに一部拡張を加えたライブラリです。
インストール
1yarn add @suin/esa-api 2# or 3npm install @suin/esa-api
使い方
基本的な用法:
1import { createClient } from "@suin/esa-api"; 2 3const teamName = "your_team_name"; 4 5const client = createClient({ 6 token: process.env.ESA_TOKEN, // アクセストーン 7}); 8 9{ 10 // 記事一覧を取得する 11 const { 12 data: { posts }, 13 } = await client.getPosts({ teamName }); 14} 15 16{ 17 // 指定した記事を取得する 18 const { data: post } = await client.getPost({ teamName, postNumber: 1 }); 19} 20 21{ 22 // 記事を新規投稿する 23 const { data: createdPost } = await client.createPost({ 24 teamName, 25 post: { 26 name: "hi!", 27 body_md: "# Getting Started\n", 28 tags: ["api", "dev"], 29 category: "dev/2015/05/10", 30 wip: false, 31 message: "Add Getting Started section", 32 }, 33 }); 34} 35 36{ 37 // 指定した記事を編集する 38 const { data: updatedPost } = await client.updatePost({ 39 teamName, 40 postNumber: 1, 41 updatePostBody: { 42 post: { 43 wip: false, 44 message: "Ship it!", 45 }, 46 }, 47 }); 48}
複雑なクエリの例:
1import { createClient } from "@suin/esa-api"; 2 3const teamName = "your_team_name"; 4 5const client = createClient({ 6 token: process.env.ESA_TOKEN, 7}); 8 9// 細かい条件を設定して記事一覧を取得する 10const response = await client.getPosts({ 11 teamName, 12 q: "wip:false", 13 include: ["comments", "comments.stargazers", "stargazers"], 14 sort: "updated", 15 order: "desc", 16 per_page: 100, 17 page: 1, 18}); 19 20// 結果からは様々な付随情報が得られます: 21// 1. 記事一覧 22const { posts } = response.data; 23// 2. 利用制限 24const { limit, remaining, reset } = response.ratelimit; 25// 3. ページネーション 26const { prev_page, next_page, page, per_page, max_per_page, total_count } = 27 response.data;
API リファレンス
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yaml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/suin/esa-api/build.yaml/master?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
16 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-hj9c-8jmm-8c52
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Score
2.5
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More