{"id":13394268,"url":"https://github.com/deployd/deployd","last_synced_at":"2025-12-16T16:00:11.849Z","repository":{"id":1642628,"uuid":"2367681","full_name":"deployd/deployd","owner":"deployd","description":"a toolkit for building realtime APIs","archived":false,"fork":false,"pushed_at":"2019-04-16T08:53:35.000Z","size":10281,"stargazers_count":4965,"open_issues_count":135,"forks_count":661,"subscribers_count":207,"default_branch":"master","last_synced_at":"2025-07-05T07:04:31.000Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://www.deployd.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deployd.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2011-09-11T21:58:04.000Z","updated_at":"2025-07-02T23:32:32.000Z","dependencies_parsed_at":"2022-07-12T14:56:13.641Z","dependency_job_id":null,"html_url":"https://github.com/deployd/deployd","commit_stats":null,"previous_names":[],"tags_count":59,"template":false,"template_full_name":null,"purl":"pkg:github/deployd/deployd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deployd%2Fdeployd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deployd%2Fdeployd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deployd%2Fdeployd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deployd%2Fdeployd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deployd","download_url":"https://codeload.github.com/deployd/deployd/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deployd%2Fdeployd/sbom","scorecard":{"id":334948,"data":{"date":"2025-08-11","repo":{"name":"github.com/deployd/deployd","commit":"13eeee1e74c32ba0f9d73c051b89ca3427f45ab4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.3,"checks":[{"name":"Code-Review","score":9,"reason":"Found 28/30 approved changesets -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T04:30:01.179Z","repository_id":1642628,"created_at":"2025-08-18T04:30:01.179Z","updated_at":"2025-08-18T04:30:01.179Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27767503,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-16T02:00:10.477Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T17:01:14.371Z","updated_at":"2025-12-16T16:00:11.769Z","avatar_url":"https://github.com/deployd.png","language":"JavaScript","readme":"# deployd\n\n\u003e the simplest way to build an api.\n\n⚠️  Deployd is not actively maintained anymore. Important bug fixes PRs will be merged (if properly tested and documented) but the existing maintainers don't have time and motivation to build new features.\n\n[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/deployd/deployd)  [![Current Version](https://img.shields.io/npm/v/deployd.svg?style=flat-square)](https://www.npmjs.org/package/deployd) [![Build Status](https://img.shields.io/travis/deployd/deployd.svg?style=flat-square)](http://travis-ci.org/deployd/deployd)\n\n## overview\n\nDeployd is the simplest way to build realtime APIs for web and mobile apps. Ready-made, configurable Resources add common functionality to a Deployd backend, which can be further customized with JavaScript Events.\n\n## features\n\n - secure access to database APIs directly from untrusted clients (browser js, mobile apps, etc)\n - notify clients in realtime of events occurring within the database\n - user and session management\n - all APIs exposed over REST / HTTP\n - bundled browser JavaScript client\n - web socket authentication and session management\n - can be hosted by modern cloud platforms\n - support extension through node modules and npm\n\n[Read more about deployd](http://deployd.com)\n\n⚠️ Deployd v1.0.0 has been released. [Read the migration guide](#migration-guide-to-v1.0.0) below.\n\n## Requirements\n\nDeployd is built using node and published using npm.  \nTo install and use it, you need to install **[Node.JS](https://nodejs.org/en/download/)**.\n\n## quick start\n\n\t$ npm install deployd-cli -g\n\t$ dpd create hello\n\t$ cd hello\n\t$ dpd -d\n\n## Best Practices\n\n 1. Once you start writing anything serious, you should start your project using a node script instead of the `dpd` command. [Read more here](http://docs.deployd.com/docs/server/run-script.html). `Dpd` is only meant to be used as a quick prototyping tool.\n 2. You are encouraged to structure your resources in a hierarchy based on what they belong to. Since deployd 1.1.0 you can name your resources like the following example:\n\n    1. Assume your user collection is named `users`\n    2. Their associated photos could be in a collection named `users/photos`.\n    3. A potential [dpd-event](https://www.npmjs.org/package/dpd-event) script associated to photos could go in `users/photos/resize`.\n\n 3. Once your project grows, you may find yourself writing code in one place that you need elsewhere. Take a look at [dpd-codemodule](https://www.npmjs.org/package/dpd-codemodule) for this purpose.\n 4. Keep in mind that `deployd` comes with **absolutely no built-in access control checking**. Anyone can delete, read, or update any information from any collection unless you close this down. We recommend plugging in your permission checks in `On BeforeRequest` events, and/or other appropriate places.\n 5. The [dpd-clientlib](https://www.npmjs.org/package/dpd-clientlib) package is provided mostly as a convenience and should probably not be used directly in production. Once your project outgrows it, feel free to replace it with something else. You may use any HTTP library and/or [socket.io](https://www.npmjs.org/package/socket.io) client implementation to interact with deployd. Please see the documentation for more information.\n 6. You will find plugins for various sorts of tasks on [npm](https://www.npmjs.org/) if you search for `dpd`. Deployd plugins start with dpd-*name*\n 7. You can use `deployd` in a cluster configuration. In order for the socket.io adapter to be able to emit to clients on other cluster nodes, you will need to use Redis as a pub/sub server. See [here](https://github.com/deployd/deployd/pull/698) for more information.\n 8. Try not to run `dpd.somecollection.get()` type queries inside `On GET` handlers. \n    1. These can have severe performance implications especially when running queries that return multiple results, because each subquery will execute at least once for every document returned. \n    2. Instead you should put your logic in [dpd-event](https://www.npmjs.org/package/dpd-event) scripts that run as fewer queries as possible, and which concatenate the results using code. [lodash](https://www.npmjs.org/package/lodash) can be a good library to help with merging results.\n \n ## Other notes:\n \n - *emit to users* type calls that return multiple results (eg: `emit(dpd.users, {active: true}, 'postModified', this);`) are inefficient and should be avoided. Instead you should join sessions to rooms and emit to rooms instead. See PR [698](https://github.com/deployd/deployd/pull/698) for more info.\n - if you do not use [dpd-clientlib](https://www.npmjs.org/package/dpd-clientlib), keep in mind that you will need to associate the connected websocket with the session id after authenticating. You can do this by emitting a `server:setsession` message on the socket, with a payload of `{sid: 'sessionid'}`. You can get the session id by calling the `login` method of the user collection resource. See the documentation for more information.\n\n## Helpful Resources\n\n - [Docs](http://docs.deployd.com/)\n - [Getting Started Guide](http://docs.deployd.com/docs/getting-started/what-is-deployd.html)\n - [Hello World Tutorial](http://docs.deployd.com/docs/getting-started/your-first-api.html)\n - [API Docs](http://docs.deployd.com/api)\n - [Community Discussion Page](https://groups.google.com/forum/?fromgroups#!forum/deployd-users)\n - [Gitter Chat Page](https://gitter.im/deployd/deployd)\n - [Example Apps](http://docs.deployd.com/examples/)\n\n\n## Migration guide to v1.0.0\n\nv1.0.0 contains a big refactoring: the CLI, dashboard and client-lib has been extracted from the core to allow easier contributions and maintainability.  \nHere's a guide to help you migrate to v.1.0.0.\n\nIf you start your application [using a node script (recommended)](http://docs.deployd.com/docs/server/run-script.html), you just need to update the `deployd` dependency and add the missing ones (client-lib and dashboard).\n\n```bash\n$ npm install deployd@latest --save\n$ npm install dpd-dashboard dpd-clientlib --save-dev\n```\n\nIf you use the CLI to start your app (using `dpd` inside your app folder), you will need to uninstall the old global version of `deployd` and install `deployd-cli`.\n`npm uninstall deployd -g \u0026\u0026 npm install deployd-cli -g`\n\nIf you have trouble making it work, feel free to ask for help on [the chat](https://gitter.im/deployd/deployd).\n\n## install from npm\n\nOnce Node.JS is installed, open your terminal and type the following command:\n\n```bash\nnpm install deployd-cli -g\n```\n\nthe `dpd` command should be available. Type `dpd -V` and the current version should appear.\n\n## install on windows\n\nThe windows installer is deprecated. The recommended way is now npm (`npm install deployd-cli -g`) and [install mongodb](https://docs.mongodb.com/manual/tutorial/install-mongodb-on-windows/) separately.\n\n## install on macosx\n\nThe macosx installer is deprecated. The recommended way is now npm (`npm install deployd-cli -g`) and [install mongodb](http://docs.mongodb.org/manual/tutorial/install-mongodb-on-os-x/) separately.\n\n## install from source\n\n\tgit clone https://github.com/deployd/deployd.git\n\tnpm install\n\n## unit \u0026 integration tests\n\n\tcd deployd\n\tmongod \u0026\n\tnpm test\n\n## license\n\n    Licensed under the Apache License, Version 2.0 (the \"License\");\n    you may not use this file except in compliance with the License.\n    You may obtain a copy of the License at\n\n        http://www.apache.org/licenses/LICENSE-2.0\n\n    Unless required by applicable law or agreed to in writing, software\n    distributed under the License is distributed on an \"AS IS\" BASIS,\n    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n    See the License for the specific language governing permissions and\n    limitations under the License.\n\n    Copyright 2017 deployd llc\n","funding_links":[],"categories":["`API Frameworks`","JavaScript","others","Uncategorized","API Frameworks"],"sub_categories":["Javascript","Uncategorized"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeployd%2Fdeployd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeployd%2Fdeployd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeployd%2Fdeployd/lists"}