Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@octokit/rest
Advanced tools
The @octokit/rest npm package is a client library for accessing the GitHub REST API. It provides a convenient way to interact with GitHub resources such as repositories, issues, pull requests, and more, directly from your JavaScript code. It abstracts away the direct HTTP requests to GitHub, offering an easier and more intuitive way to access GitHub data and perform operations.
Repository Management
This feature allows you to manage repositories. The code sample demonstrates how to create a new public repository for the authenticated user.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.repos.createForAuthenticatedUser({
name: 'new-repo',
private: false
});
Issues Management
This feature enables you to manage issues in a repository. The code sample shows how to create a new issue in a specified repository.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.issues.create({
owner: 'username',
repo: 'repository-name',
title: 'New Issue Title',
body: 'Description of the issue.'
});
Pull Requests
This feature allows for the creation and management of pull requests. The code sample illustrates how to create a pull request from one branch to another within the same repository.
const { Octokit } = require('@octokit/rest');
const octokit = new Octokit({ auth: 'personal-access-token' });
octokit.pulls.create({
owner: 'username',
repo: 'repository-name',
title: 'New Pull Request',
head: 'branch-name',
base: 'base-branch'
});
The 'github' npm package is another client library for the GitHub API. It offers similar functionalities to @octokit/rest but has been deprecated in favor of @octokit/rest, which is its direct successor. @octokit/rest provides a more modern and feature-rich interface.
The 'node-github' package is an older client for the GitHub API, offering basic functionalities to interact with GitHub resources. Compared to @octokit/rest, it might not be as up-to-date or feature-rich, as @octokit/rest is the official client library recommended by GitHub.
GitHub REST API client for JavaScript
npm install @octokit/rest
const { Octokit } = require("@octokit/rest");
const octokit = new Octokit();
// Compare: https://developer.github.com/v3/repos/#list-organization-repositories
octokit.repos
.listForOrg({
org: "octokit",
type: "public"
})
.then(({ data }) => {
// handle data
});
See https://octokit.github.io/rest.js/ for full documentation.
We would love you to contribute to @octokit/rest
, pull requests are very welcome! Please see CONTRIBUTING.md for more information.
@octokit/rest
was originally created as node-github
in 2012 by Mike de Boer from Cloud9 IDE, Inc.
It was adopted and renamed by GitHub in 2017
FAQs
GitHub REST API client for Node.js
The npm package @octokit/rest receives a total of 5,334,765 weekly downloads. As such, @octokit/rest popularity was classified as popular.
We found that @octokit/rest demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.