{"id":18084805,"url":"https://github.com/coderofsalvation/aap","last_synced_at":"2026-02-10T22:34:15.830Z","repository":{"id":57171758,"uuid":"47400292","full_name":"coderofsalvation/aap","owner":"coderofsalvation","description":"an npm-like, highlevel dependency manager, buildtool and installer using bash+git","archived":false,"fork":false,"pushed_at":"2020-05-28T18:13:57.000Z","size":35,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-05T19:46:12.253Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/coderofsalvation.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"custom":"https://gumroad.com/l/hGYGh"}},"created_at":"2015-12-04T11:33:27.000Z","updated_at":"2020-05-28T18:13:59.000Z","dependencies_parsed_at":"2022-08-24T14:40:49.903Z","dependency_job_id":null,"html_url":"https://github.com/coderofsalvation/aap","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/coderofsalvation/aap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coderofsalvation%2Faap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coderofsalvation%2Faap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coderofsalvation%2Faap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coderofsalvation%2Faap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/coderofsalvation","download_url":"https://codeload.github.com/coderofsalvation/aap/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coderofsalvation%2Faap/sbom","scorecard":{"id":297569,"data":{"date":"2025-08-11","repo":{"name":"github.com/coderofsalvation/aap","commit":"b54877aa7f12855b5c7716f76b106fa458ad35c6"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/27 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-17T19:55:23.564Z","repository_id":57171758,"created_at":"2025-08-17T19:55:23.564Z","updated_at":"2025-08-17T19:55:23.564Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29319690,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-10T20:44:44.282Z","status":"ssl_error","status_checked_at":"2026-02-10T20:44:43.393Z","response_time":65,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-31T15:08:16.141Z","updated_at":"2026-02-10T22:34:15.805Z","avatar_url":"https://github.com/coderofsalvation.png","language":"Shell","funding_links":["https://gumroad.com/l/hGYGh"],"categories":[],"sub_categories":[],"readme":"\u003cimg alt=\"\" src=\"doc/logo.jpg\"/\u003e\n\nIn the beginning there was bash..and bash had aap.json\n\n![Build Status](https://travis-ci.org/coderofsalvation/aap.svg?branch=master)\n\n## Getting started \n\nIf you're used to `npm` or `composer`, you will feel right at home.\nLets start a project by adding dependencies to it:\n\n $ git init \n $ aap init\n $ aap install ssh+git://user@bitbucket.org/username/backend.git --save\n $ aap install ssh+git://user@github.com/username/core-api.git --save\n $ aap install ssh+git://user@bitbucket.org/username/landingpage.git --save\n $ aap install ssh+git://user@github.com/username/crm-api.git@1.3.4#master --save\n $ aap install ssh+git://user@github.com/username/docker.mysql.git --save\n $ aap install ssh+git://user@github.com/username/docker.mongodb.git --save\n $ aap install npm://css2js@1.0.3 --save \n $ aap install composer://myphppackage@1.4.3 --save \n $ mkdir python\n $ cd python \u0026\u0026 ../../aap install pip://mypythonpackage --save \n \nNice! Now aap.json will look like [this](doc/aap.json)\n\nNow lets push our `aap.json` buildpack to the repo:\n\n $ git add aap.json \u0026\u0026 git commit -m \"added aap manifest\"\n $ git push origin master\n\nCongrats! Now with this `aap.json`, other devs can easily install dependencies like so:\n\n $ aap install\n\n installing 'backend'\n ├─ $ git clone ssh+git://user@bitbucket.org/username/backend.git\n ├─ Cloning into 'backend'...\n ├─ \n ├─ ʕ•x•ʔ\n ├─ +-+-+-+ Your personal nested build \u0026 dependency monkey\n ├─ |a|a|p| [https://github.com/coderofsalvation/aap]\n ├─ +-+-+-+\n ├─ \n ├─ \n ├─ installing 'backend'\n ├─ ├─ $ git clone https://foo@bitbucket.org/username/backend-html-templates \n ├─ ├─ Cloning into 'backend-html-templates'...\n ├─ \n ...and so on..\n \n\n\u003e NOTE recursive installation is supported when `aap.json` occurs in gitrepo-dependencies as well.\n\n## Usecases\n\nThe usecases can range from application builds from a repository, till selfcontained installers, till\n[deploying docker clouds](doc/cloud.md):\n\n## Scripts, triggers'n' hooks\n\nSee [here how to trigger scripts](doc/scripts.md) using the `aap run \u003ccmd\u003e`, to build and configure stuff from one central place.\nPerfect for monkeypatching your app before turning on the engine, compiling sources etc.\n\n## Installation\n\n npm install aap.bash\n\nor \n\n wget \"https://raw.githubusercontent.com/coderofsalvation/aap/master/aap\" -O aap\n chmod 755 aap\n\n## Why\n\nNow you can easily manage dependencies of gitrepos, npm/composer modules and dockerrepos.\nAll combined in one slim repo.\n\nBasically `aap init` generates `aap.json` like [this](doc/aap.json), which allows you to run:\n\n $ aap install\n\nGet any system to build a project from multiple remote sources.\n\n\u003e Only requirements: git + bash\n\n## Options \n\n $ aap\n Usage: aap \u003ccmd\u003e [options]\n \n aap.json Buildpacks for the web.\n Easily manage dependencies of gitrepos, npm/composer modules and dockerrepos.\n Combine a composable cloud in one slim repo.\n\n Commands:\n\n aap init [name] [options] ┆ generates aap manifest, options:\n ┆ -f = force, overwrites json\n\n aap install [url] [..] [options] ┆ no arguments installs all dependencies in aap.json\n ┆ -f = force, overwrites existing dependencies\n ┆ --save = save dependency to \"dependencies\" in aap.json\n ┆ --save-dev = save dependency to \"devDependencies\"\n ┆ --dev = install from \"devDependencies\"\n ┆\n ┆ valid urls are:\n ┆ git@github.com:user/repo.git\n ┆ ssh+git://user@bitbucket.org/user/repo.git\n ┆ ssh+git://github.com/username/package.git\n ┆ ssh+git://github.com/username/package.git#master\n ┆ ssh+git://github.com/username/package.git#master#commit\n ┆ ssh+git://github.com/username/package.git#master@1.0.2\n ┆ npm://browserify \n ┆ composer://user/packagename\n aap run \u003cscript\u003e ┆ runs script defined in aap.json \n \n## Other possible goals \n\n* [run/deploy a cloud](doc/cloud.md) using multiple Docker cloudservices in one repo using [crowdr](https://github.com/polonskiy/crowdr)\n* depency management: wrap several repositories and modules in one repository\n* use in and outside dockers \n* install package managers in environments where they're not installed\n* avoid git submodules (gets laborous pretty easily)\n* readability: deploy and dependency info confined in one jsonfile (aap.json) to minimize shellscriptism\n\n## Todo \n\n* aap update cmd\n* rewrite in [powscript](http://github.com/coderofsalvation/powscript)\n* git commits and tags\n* npm versions\n* aap bake aap.json \u003e myinstaller\n* global commands: source ~/.aap*.json\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoderofsalvation%2Faap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcoderofsalvation%2Faap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoderofsalvation%2Faap/lists"}