Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
A node library to interact with the GitHub repos API
See also:
List all repos for a user. If user
and options
are omitted the current user is assumed.
List all repos for user 'rvagg'
:
const ghrepos = require('ghrepos')
, authOptions = { user: 'rvagg', token: '24d5dee258c64aef38a66c0c5eca459c379901c2' }
ghrepos.listUser(authOptions, 'rvagg', function (err, repolist) {
console.log(reposlist)
})
List all repos for a organisation. If org
and options
are omitted the current org is assumed.
List all repos for org 'nodejs'
:
const ghrepos = require('ghrepos')
, authOptions = { user: 'rvagg', token: '24d5dee258c64aef38a66c0c5eca459c379901c2' }
ghrepos.listOrg(authOptions, 'nodejs', function (err, repolist) {
console.log(reposlist)
})
Get git ref data for all refs in a repo.
Get all ref data for nodejs/node
repo:
ghrepos.listRefs(authOptions, 'nodejs', 'node', function (err, refData) {
// data containing ref information including sha and github url
console.log(refData)
})
List git branches for a repo.
Get all branches for nodejs/node
repo:
ghrepos.listBranches(authOptions, 'nodejs', 'node', function (err, refData) {
// data containing branch information including sha and github API url
console.log(refData)
})
List git commits for a repo.
Get all commits for nodejs/node
repo:
ghrepos.listCommits(authOptions, 'nodejs', 'node', function (err, refData) {
// data containing commit information including sha and github API url
console.log(refData)
})
List git tags for a repo.
Get all tag for nodejs/node
repo:
ghrepos.listTags(authOptions, 'nodejs', 'node', function (err, refData) {
// data containing tag information including sha and github API url
console.log(refData)
})
Get git ref data for a particular ref string.
Get git ref data for v1.x
branch in nodejs/node
repo:
ghrepos.getRef(authOptions, 'nodejs', 'node', 'heads/v1.x', function (err, refData) {
// data containing ref information including sha and github url
console.log(refData)
})
Get git branch data for a given branch name
Get git branch data for v1.x
branch in nodejs/node
repo:
ghrepos.getBranch(authOptions, 'nodejs', 'node', 'v1.x', function (err, refData) {
// data containing branch information including sha and github API url
console.log(refData)
})
Get git commit data for a given sha1
Get git commit data for sha1 75318e46b
in nodejs/node
repo:
ghrepos.getCommit(authOptions, 'nodejs', 'node', '75318e46b', function (err, refData) {
// data containing commit information including sha and github API url
console.log(refData)
})
Get git commit comments data for a given sha1
Get git commit comments data for sha1 75318e46b
in nodejs/node
repo:
ghrepos.getCommitComments(authOptions, 'nodejs', 'node', '75318e46b', function (err, comments) {
// array containing commit comments information
console.log(JSON.stringify(comments.map(function (i) {
return { user: i.user.login, body: i.body }
}), null, 2))
})
Yields:
[
{
"user": "Trott",
"body": "@cjihrig There's no PR-URL on this commit message. (`core-validate-commit` FTW as usual!)"
},
{
"user": "mscdex",
"body": "PR-URL is: https://github.com/nodejs/node/pull/15745"
}
]
Creates a function that lists different sub types related to the '/repos'
api, e.g. list 'issues'
, 'pulls'
or 'releases'
. The function returned has the signature: function list (auth, org, repo, options, callback)
.
More methods coming .. as I need them or as you PR them in.
The auth data is compatible with ghauth so you can just connect them together to make a simple command-line application:
const ghauth = require('ghauth')
, ghrepos = require('ghrepos')
, authOptions = {
configName : 'lister'
, scopes : [ 'user' ]
}
ghauth(authOptions, function (err, authData) {
ghrepos.listUser(authData, 'rvagg', function (err, list) {
console.log('Repos for rvagg:')
console.log(util.inspect(list.map(function (i) { return {
name: i.name
, desc: i.description
, fork: i.fork
}})))
})
})
ghrepos is Copyright (c) 2015 Rod Vagg @rvagg and licensed under the MIT licence. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE file for more details.
FAQs
Interact with the GitHub repos API
The npm package ghrepos receives a total of 8,040 weekly downloads. As such, ghrepos popularity was classified as popular.
We found that ghrepos demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.