Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
repository-provider
Advanced tools
abstract interface to git repository providers like github bitbucket
abstract interface to git repository providers like github bitbucket
import { GithubProvider } from 'repository-provider';
const provider = new GithubProvider({ token: 'xxx' });
const repository = await provider.repository('myuser/myrepo');
const branch = await repository.branch('master');
const files = await branch.list();
list by repository-provider keyword
Extends Owner
Base repository provider acts as a source of repositories
options
ObjectLookup a repository group
Returns Promise<RepositoryGroup>
Create a new repository group
Returns Promise<RepositoryGroup>
Lookup a repository in the provider and all of its repository groups
Returns Promise<Repository>
Lookup a branch in the provider and all of its repository groups
Returns Promise<Branch>
Returns Class repository group class used by the Provider
Is our rate limit reached. By default we have no rate limit
Returns boolean always false
Deliver the provider name
Returns string class name by default
we are our own provider
Returns Provider this
Default configuration options
Returns Object
Extract options suitable for the constructor form the given set of environment variables
env
ObjectReturns Object undefined if no suitable environment variables have been found
Pepare configuration by mixing together defaultOptions with actual options
config
Object raw configReturns Object combined options
With npm do:
npm install repository-provider
BSD-2-Clause
FAQs
abstract interface to git repository providers like github, bitbucket and gitlab
The npm package repository-provider receives a total of 831 weekly downloads. As such, repository-provider popularity was classified as not popular.
We found that repository-provider demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.