mcl-repo-scanner

Public repository scanner API example with Metadefender Cloud APIs.

Prerequisites

Before starting the API make sure you have:

a Metadefender Cloud apikey; if not, please go to metadefender.opswat.com and click the "Sign up" button
repository cloned, nodejs & dependencies installed:

git clone git@github.com:vladoros/mcl-repo-scanner.git
npm install

MCL_APIKEY env variable setup with the provided apikey or .env file in repository root

Run the code

Experimental modules flag is required due to usage of ECMAScript modules.

npm start or node --experimental-modules ./index.mjs

Endpoints

All endpoints are cached for 60 seconds & return only JSON. Curently implemented public repos: github, gitlab & bitbucket.

GET /

Serves readme.md as html.

GET /scan/:type?/:username/:repo/:ref?

Will check if specified repository exists & start a scan request with a tarball of the repository then return a result with highest progress available in 25 sec.

Ref is optional, defaults to master.

Type is optional, defaults to github.

curl -X GET http://localhost/scan/github/vladoros/mcl-repo-scanner

POST /scan

Will check if specified repository exists & start a scan request with a tarball of the repository. When done it will return a data_id of the file. Ref is optional, defaults to master.

Type is optional, defaults to github.

curl -d '{"type":"github","username":"vladoros", "repo": "mcl-repo-scanner", "ref": "master"}' \
     -H "Content-Type: application/json" -X POST http://localhost/scan

GET /repo/file/:data_id

Returns the scan response as result.

curl -X GET http://localhost/repo/file/:data_id

GET /repo/hash/:hash

Returns the scan response as result by querying repository tarball hash.

curl -X GET http://localhost/repo/hash/:hash

vladoros/mcl-repo-scanner