Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@octokit/rest
Advanced tools
The @octokit/rest npm package is a client library for accessing the GitHub REST API. It provides a convenient way to interact with GitHub resources such as repositories, issues, pull requests, and more, directly from your JavaScript code. It abstracts away the direct HTTP requests to GitHub, offering an easier and more intuitive way to access GitHub data and perform operations.
Repository Management
This feature allows you to manage repositories. The code sample demonstrates how to create a new public repository for the authenticated user.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.repos.createForAuthenticatedUser({
name: 'new-repo',
private: false
});
Issues Management
This feature enables you to manage issues in a repository. The code sample shows how to create a new issue in a specified repository.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.issues.create({
owner: 'username',
repo: 'repository-name',
title: 'New Issue Title',
body: 'Description of the issue.'
});
Pull Requests
This feature allows for the creation and management of pull requests. The code sample illustrates how to create a pull request from one branch to another within the same repository.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.pulls.create({
owner: 'username',
repo: 'repository-name',
title: 'New Pull Request',
head: 'branch-name',
base: 'base-branch'
});
The 'github' npm package is another client library for the GitHub API. It offers similar functionalities to @octokit/rest but has been deprecated in favor of @octokit/rest, which is its direct successor. @octokit/rest provides a more modern and feature-rich interface.
The 'node-github' package is an older client for the GitHub API, offering basic functionalities to interact with GitHub resources. Compared to @octokit/rest, it might not be as up-to-date or feature-rich, as @octokit/rest is the official client library recommended by GitHub.
GitHub REST API client for JavaScript
Browsers |
Load @octokit/rest directly from cdn.skypack.dev
|
---|---|
Node |
Install with
|
const octokit = new Octokit();
// Compare: https://docs.github.com/en/rest/reference/repos/#list-organization-repositories
octokit.rest.repos
.listForOrg({
org: "octokit",
type: "public",
})
.then(({ data }) => {
// handle data
});
See https://octokit.github.io/rest.js for full documentation.
We would love you to contribute to @octokit/rest
, pull requests are very welcome! Please see CONTRIBUTING.md for more information.
@octokit/rest
was originally created as node-github
in 2012 by Mike de Boer from Cloud9 IDE, Inc. The original commit is from 2010 which predates the npm registry.
It was adopted and renamed by GitHub in 2017. Learn more about it's origin on GitHub's blog: From 48k lines of code to 10—the story of GitHub’s JavaScript SDK
FAQs
GitHub REST API client for Node.js
We found that @octokit/rest demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.