
Research
Security News
Malicious npm Package Wipes Codebases with Remote Trigger
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
___ _____ _ _____
/ _ \ / ___| | / ___|
/ /_\ \_ __ _ __ \ `--.| |_ ___ _ __ ___ \ `--. ___ _ __ __ _ _ __ ___ _ __
| _ | '_ \| '_ \ `--. \ __/ _ \| '__/ _ \ `--. \/ __| '__/ _` | '_ \ / _ \ '__|
| | | | |_) | |_) | /\__/ / || (_) | | | __/ /\__/ / (__| | | (_| | |_) | __/ |
\_| |_/ .__/| .__/ \____/ \__\___/|_| \___| \____/ \___|_| \__,_| .__/ \___|_|
| | | | | |
|_| |_| |_|
Install:
pip3 install apple-store-scraper
Scrape reviews for an app:
from apple_store_scraper import AppStore
from pprint import pprint
minecraft = AppStore(country="nz", app_name="minecraft")
minecraft.review(how_many=20)
pprint(minecraft.reviews)
pprint(minecraft.reviews_count)
Scrape reviews for a podcast:
from apple_store_scraper import Podcast
from pprint import pprint
sysk = Podcast(country="nz", app_name="stuff you should know")
sysk.review(how_many=20)
pprint(sysk.reviews)
pprint(sysk.reviews_count)
Let's continue from the code example used in Quickstart.
There are two required and one positional parameters:
country
(required)
app_name
(required)
search_id()
method to search for app_id
internallyapp_id
(positional)
search_id
method internallyOnce instantiated, the object can be examined:
>>> minecraft
AppStore(country='nz', app_name='minecraft', app_id=479516143)
>>> print(app)
Country | nz
Name | minecraft
ID | 479516143
URL | https://apps.apple.com/nz/app/minecraft/id479516143
Review count | 0
Other optional parameters are:
log_format
logging.basicConfig(format=log_format)
"%(asctime)s [%(levelname)s] %(name)s - %(message)s"
log_level
logging.basicConfig(level=log_level)
"INFO"
log_interval
5
The maximum number of reviews fetched per request is 20. To minimise the number of calls, the limit of 20 is hardcoded. This means the review()
method will always grab more than the how_many
argument supplied with an increment of 20.
>>> minecraft.review(how_many=33)
>>> minecraft.reviews_count
40
If how_many
is not provided, review()
will terminate after all reviews are fetched.
NOTE the review count seen on the landing page differs from the actual number of reviews fetched. This is simply because only some users who rated the app also leave reviews.
after
datetime
object to filter older reviewssleep
int
to specify seconds to sleep between each callThe fetched review data are loaded in memory and live inside reviews
attribute as a list of dict.
>>> minecraft.reviews
[{'userName': 'someone', 'rating': 5, 'date': datetime.datetime(...
Each review dictionary has the following schema:
{
"date": datetime.datetime,
"isEdited": bool,
"rating": int,
"review": str,
"title": str,
"userName": str
}
FAQs
Single API ☝ App Store Review Scraper 🧹
We found that apple-store-scraper demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
Security News
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.