Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
gitlab-stats
Advanced tools
Readme
Gitlab Stats provides more GitLab statistics from the GitLab API services. Gitlab Stats API is making use of the gitlab NPM package is heavily inspired by its API.
# Install as CLI tool
npm i -g gitlab-stats
# Install as node dependency
npm i gitlab-stats
All the CLI commands have the following structure.
gitlab-stats [service name] [method name] --arg1 --arg2 --arg3
Where service name
is any of the supported API names, method name
is any of the supported commands on that API service. --arg1
are any of the arguments you can supply to the function.
gitlab-stats users growth --interval month --output csv > user-growth.csv
In order to use the CLI tool, you will need to have the following environment variables
GITLAB_TOKEN=<YOUR_TOKEN>
# Optional
GITLAB_HOST=<YOUR_HOSt> # e.g. https://gitlab.website.com
This could be set globally or using a .env file in the project folder.
The functionalities of the CLI can be imported into your Node.js or web project.
import { Gitlab } from "gitlab";
import { GitlabStats } from "gitlab-stats";
const gitlab = new Gitlab({
host: "http://example.com",
token: "personaltoken"
});
const gitlabStats = new GitlabStats({
gitlab
});
gitlabStats.Users.growth({ interval: "month" })
.then(console.log)
.catch(console.error);
The APIs which are currently supported are:
FAQs
Gitlab Stats provides more [GitLab](https://gitlab.com/gitlab-org/gitlab/) statistics from the [GitLab API](https://gitlab.com/gitlab-org/gitlab/tree/master/doc/api) services. Gitlab Stats API is making use of the [gitlab](https://github.com/jdalrymple/gi
The npm package gitlab-stats receives a total of 16 weekly downloads. As such, gitlab-stats popularity was classified as not popular.
We found that gitlab-stats demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.