Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
repository-provider
Advanced tools
abstract interface to git repository providers like github bitbucket
abstract interface to git repository providers like github bitbucket
import { GithubProvider } from 'repository-provider';
const provider = new GithubProvider({ token: 'xxx' });
const repository = await provider.repository('myuser/myrepo');
const branch = await repository.branch('master');
const files = await branch.list();
list by repository-provider keyword
Extends Owner
Base repository provider acts as a source of repositories
options
ObjectLookup a project
name
string of the projectCreate a new project
Returns Class branch class used by the Provider
Returns Class project class used by the Provider
Returns Class content class used by the Provider
Returns Class pull request class used by the Provider
Is our rate limit reached. By default we have no rate limit
Returns boolean always false
Deliver the provider name
Returns string class name by default
Default configuration options
Returns Object
Extract options suitable for the constructor form the given set of environment variables
env
ObjectReturns Object undefined if no suitable environment variables have been found
Pepare configuration by mixing together defaultOptions with actual options
config
Object raw configReturns Object combined options
Abstract branch
repository
Repositoryname
string (optional, default 'master'
)repository
Repositoryprovider
Providername
stringcalled once after constructing
Returns Promise
The provider we live in
Returns Provider
Branch owner By default we provide the repository owner
Returns string
Branch project By default we provide the repository project
Returns string
Repository and branch name combined
Returns string 'repo#branch'
Repository and branch name combined. But skipping the branch name if it is the default branch
Returns string 'repo#branch'
Deliver repository and branch url combined
Returns string 'repoUrl#branch'
Url of issue tracking system.
Returns string as provided from the repository
Url of home page.
Returns string as provided from the repository
Are we the default branch
Returns boolean true if name is 'master'
Delete the branch from the Repository.
Deliver file content
path
stringReturns Promise<Content> content of a given file
Commit files
Returns Promise
Create a pull request
Returns Promise<PullRequest>
File list
Returns Array<string> all file names in the branch
Value delivered from the provider
Returns boolean providers rateLimitReached
forward to the Provider
value
booleanrepositories
Map<string, Repository>Returns Class repository class used by the Provider
Delete a repository
name
stringLookup a repository
name
stringReturns Promise<Repository>
Create a new repository
Returns Promise<Repository>
Lookup a branch First lookup repository then the branch If no branch was specified then the default branch will be delivered.
name
string with optional branch name as '#myBranchName'Provider initialization will be called once before content addressing method is called
Deliver the repository type
Returns string 'git'
Abstract repository
Called one after constructing
Lookup content form the default branch Branch#content
args
...anyReturns Content
urls to access the repo
preffered url to access the repo
Returns string
the url of issue tracking system.
Returns string
the url of home page.
Returns string
Repository owner Default implementation delivers undefined
Returns string undefined
Repository project Default implementation delivers undefined
Returns string undefined
Name without project / owner
Returns string name
Lookup branch by name
name
stringLookup the default branch
Returns Promise<Branch> 'master' branch
Returns Promise<Map> of all branches
Create a new Branch by cloning a given source branch
Returns Promise<Branch> newly created branch
Delete a Branch
name
stringAdd a branch
branch
BranchDelete the repository from the Provider. Provider#deleteRepository
Deliver all PullRequests
Returns Promise<Map> of all pull requests
The @{link PullRequest} for a given name
name
stringReturns Promise<PullRequest>
Add a pull request
pullRequest
PullRequestReturns Promise
Delete a PullRequest
name
stringReturns Promise
Returns string providers type
Value delivered from the provider
Returns boolean providers rateLimitReached
forward to the Provider
value
booleanAbstract pull request Repository#addPullRequest
name
stringrepository
Repositoryprovider
Providertitle
string?state
string?Returns Provider
Delete the pull request from the Repository.
Returns Promise
Merge the pull request
Decline the pull request
Extends Owner
Abstract project
Representation of one file or directory entry
path
string file name inside of the repositorycontent
(string | Buffer | Stream) (optional, default undefined
)type
string type of the content (optional, default 'blob'
)mode
string file permissions (optional, default '100644'
)path
string file name inside of the repositorycontent
(string | Buffer | Stream)type
string type of the contentmode
string file permissionsWith npm do:
npm install repository-provider
BSD-2-Clause
FAQs
abstract interface to git repository providers like github, bitbucket and gitlab
The npm package repository-provider receives a total of 627 weekly downloads. As such, repository-provider popularity was classified as not popular.
We found that repository-provider demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.