npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@dependabit/github-client

v0.1.14

Published

GitHub API wrapper with rate limiting and authentication

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pmoulipmouli

Keywords

githubapiclient

Readme

@dependabit/github-client

Comprehensive GitHub API wrapper with authentication, rate limiting, and false positive tracking.

Overview

This package provides a robust wrapper around the GitHub API with built-in rate limiting, multiple authentication strategies, and specialized features for dependency tracking workflows.

Features

  • Rate Limiting: Automatic rate limit handling with budget reservation
  • Authentication: Token, OAuth, and Basic auth support
  • Issue Management: Create, update, and track dependency issues
  • Release Monitoring: Fetch and compare releases
  • Commit Tracking: Retrieve commit history and changes
  • Feedback Collection: Monitor false positive feedback via issue labels
  • Proactive Quota Management: Reserve API calls before execution

Installation

pnpm add @dependabit/github-client

Usage

Basic Client

import { createGitHubClient } from '@dependabit/github-client';

const client = createGitHubClient({
  auth: process.env.GITHUB_TOKEN,
  rateLimitWarningThreshold: 100,
  rateLimitMinRemaining: 10
});

// Use with rate limit checking
await client.withRateLimit(async () => {
  // Your API calls here
});

Authentication

Token Authentication

import { TokenAuthHandler } from '@dependabit/github-client';

const tokenAuth = new TokenAuthHandler('ghp_yourtoken');
const auth = await tokenAuth.authenticate();
// { type: 'token', token: 'ghp_yourtoken' }

OAuth Authentication

import { OAuthHandler } from '@dependabit/github-client';

const oauth = new OAuthHandler({
  clientId: 'your_client_id',
  clientSecret: 'your_secret',
  redirectUri: 'http://localhost:3000/callback'
});

// Get authorization URL
const authUrl = oauth.getAuthorizationUrl(['repo', 'user']);

// Exchange code for token
const auth = await oauth.authenticate(authorizationCode);

Basic Authentication

import { BasicAuthHandler } from '@dependabit/github-client';

const basicAuth = new BasicAuthHandler('username', 'password');
const auth = await basicAuth.authenticate();

Rate Limit Management

import { RateLimitHandler } from '@dependabit/github-client';

const rateLimit = new RateLimitHandler(token);

// Check current rate limit
const info = await rateLimit.checkRateLimit();
console.log(`${info.remaining}/${info.limit} requests remaining`);

// Reserve budget before operations
const reservation = await rateLimit.reserveBudget(50, {
  safetyMargin: 10,
  maxWaitTime: 60000
});

if (!reservation.reserved) {
  console.log(`Cannot proceed: ${reservation.reason}`);
}

// Proactive checking
const canProceed = await rateLimit.canProceed(100, {
  threshold: 50,
  safetyMargin: 20
});

Issue Management

import { IssueManager } from '@dependabit/github-client';

const issues = new IssueManager(token);

// Create issue for dependency update
const issue = await issues.createIssue({
  owner: 'user',
  repo: 'project',
  title: 'Update dependency X',
  body: 'New version available',
  severity: 'minor',
  dependency: {
    id: 'dep-123',
    url: 'https://github.com/org/dep'
  }
});

// Find existing issue
const existing = await issues.findExistingIssue({
  owner: 'user',
  repo: 'project',
  dependencyId: 'dep-123'
});

// Update issue
await issues.updateIssue({
  owner: 'user',
  repo: 'project',
  issueNumber: 42,
  body: 'Updated information',
  severity: 'major'
});

Release Management

import { ReleaseManager } from '@dependabit/github-client';

const releases = new ReleaseManager(token);

// Get latest release
const latest = await releases.getLatestRelease('owner', 'repo');

// Get specific release
const release = await releases.getReleaseByTag('owner', 'repo', 'v1.0.0');

// Compare releases
const comparison = await releases.compareReleases(
  'owner',
  'repo',
  'v1.0.0',
  'v2.0.0'
);

console.log(`Breaking changes: ${comparison.hasBreakingChanges}`);

Commit Tracking

import { getCommitsSince } from '@dependabit/github-client';

const commits = await getCommitsSince({
  owner: 'user',
  repo: 'project',
  since: new Date('2024-01-01'),
  author: 'username'
});

False Positive Feedback

import { FeedbackListener } from '@dependabit/github-client';

const feedback = new FeedbackListener(issueManager, {
  truePositiveLabel: 'true-positive',
  falsePositiveLabel: 'false-positive'
});

// Collect feedback from last 30 days
const data = await feedback.getRecentFeedback(30);

console.log(`False positives: ${data.falsePositives.length}`);
console.log(`True positives: ${data.truePositives.length}`);

// Calculate rate
const rate = await feedback.getFeedbackRate();
console.log(`FP rate: ${(rate.falsePositiveRate * 100).toFixed(1)}%`);

// Monitor specific issue
const hasFeedback = await feedback.monitorIssue(123);

API Reference

Client

  • createGitHubClient(config): Create client instance
  • getRateLimit(): Get current rate limit info
  • checkRateLimit(): Check and warn about rate limits
  • withRateLimit(fn): Execute function with rate limit checking

Authentication

  • TokenAuthHandler: GitHub PAT authentication
  • OAuthHandler: OAuth 2.0 flow
  • BasicAuthHandler: Basic HTTP authentication
  • AuthManager: Unified auth management

Rate Limiting

  • RateLimitHandler: Rate limit management
  • reserveBudget(calls, options): Reserve API call budget
  • canProceed(calls, options): Check if operation can proceed
  • getRateLimitStatus(): Get detailed status

Issues

  • createIssue(data): Create new issue
  • findExistingIssue(params): Find existing issue
  • updateIssue(data): Update issue

Releases

  • getLatestRelease(owner, repo): Get latest release
  • getReleaseByTag(owner, repo, tag): Get specific release
  • compareReleases(owner, repo, from, to): Compare two releases

Feedback

  • FeedbackListener: Monitor false positive feedback
  • collectFeedback(options): Collect feedback data
  • getFeedbackRate(options): Calculate FP rate
  • getRecentFeedback(days): Get recent feedback

Development

# Install dependencies
pnpm install

# Build
pnpm build

# Run tests
pnpm test

# Type check
pnpm type-check

License

MIT