{"id":23143474,"url":"https://github.com/digitalinteraction/deconf-api-toolkit","last_synced_at":"2026-01-27T06:01:30.698Z","repository":{"id":265572612,"uuid":"331694823","full_name":"digitalinteraction/deconf-api-toolkit","owner":"digitalinteraction","description":"A library for running decentralised virtual conferences","archived":false,"fork":false,"pushed_at":"2023-03-15T17:22:38.000Z","size":2128,"stargazers_count":2,"open_issues_count":30,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-21T13:36:11.716Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://deconf-api.openlab.dev/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/digitalinteraction.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-21T17:00:14.000Z","updated_at":"2024-11-08T12:31:50.000Z","dependencies_parsed_at":"2024-11-30T08:58:52.482Z","dependency_job_id":null,"html_url":"https://github.com/digitalinteraction/deconf-api-toolkit","commit_stats":null,"previous_names":["digitalinteraction/deconf-api-toolkit"],"tags_count":40,"template":false,"template_full_name":null,"purl":"pkg:github/digitalinteraction/deconf-api-toolkit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalinteraction%2Fdeconf-api-toolkit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalinteraction%2Fdeconf-api-toolkit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalinteraction%2Fdeconf-api-toolkit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalinteraction%2Fdeconf-api-toolkit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/digitalinteraction","download_url":"https://codeload.github.com/digitalinteraction/deconf-api-toolkit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/digitalinteraction%2Fdeconf-api-toolkit/sbom","scorecard":{"id":342525,"data":{"date":"2025-08-11","repo":{"name":"github.com/digitalinteraction/deconf-api-toolkit","commit":"d1bac26e4090e9c2c0c3f8f9d3eadaa63fb07fc4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/pages.yml:14","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/pages.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/digitalinteraction/deconf-api-toolkit/pages.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:25","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 1 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"33 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-x3cc-x39p-42qx","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc","Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T06:13:41.217Z","repository_id":265572612,"created_at":"2025-08-18T06:13:41.217Z","updated_at":"2025-08-18T06:13:41.217Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28805327,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T05:43:52.625Z","status":"ssl_error","status_checked_at":"2026-01-27T05:43:48.957Z","response_time":168,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-17T15:13:31.690Z","updated_at":"2026-01-27T06:01:30.693Z","avatar_url":"https://github.com/digitalinteraction.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# deconf-api-toolkit\n\n\u003c!-- toc-head --\u003e\n\n## Table of contents\n\n- [Architecture](#architecture)\n- [How does it work](#how-does-it-work)\n- [Extensions](#extensions)\n- [Development](#development)\n  - [setup](#setup)\n  - [regular use](#regular-use)\n  - [irregular use](#irregular-use)\n  - [example app](#example-app)\n  - [releasing](#releasing)\n\n\u003c!-- toc-tail --\u003e\n\ndeconf is a set of libraries for running decentralised virtual conferences.\nThis toolkit is a http-agnostic node.js package for creating a headless API to run a conference.\n\nThis library is currently an adaptation from\n[digitalinteraction/climatered-api](https://github.com/digitalinteraction/climatered-api)\nwhich was the API behind the [climate.red](https://climate.red) virtual summit.\n\nThe purpose of this library is to take the knowledge and experience we gained from\nrunning that conference and to expose the functionality to run more conferences.\n\nThis API toolkit is being design hand-in-hand with a UI toolkit which does the\nsame for the visual components of the conference - _work in progress_\n\n## Architecture\n\nApi toolkit is designed to be framework agnostic in terms of a http lbrary (e.g. express),\nbut it does rely on some infrastructure.\n\n- It uses a redis cache to store conference resources which are served to users\n- It uses JWT authentication to authorize access to resources and links\n- It uses postgres to store attendees and track their attendance to sessions\n\nEfforts might be made in the future to make the toolkit more agnostic\nbut for not you can swap out modules/services by supplying something with the same interface.\n\n## How does it work\n\nThe features of the conference have been split up into interchangable modules\nso you can configure your own conference API with some or all of the same features.\n\nThe current modules are:\n\n- Accounts - _coming soon_\n- Attendance - Endpoints for tracking attendance to sessions\n- Carbon - Endpoints for calculating c02 savings by hosting the conference online\n- Coffee - _coming soon_ - Endpoints for matchmaking webrtc coffee chats\n- GitScraper - _coming soon_ - utilities for fetching, parsing \u0026 validating static content from git\n- Migrate - utilities for running migrations on the postgres database\n- Interpret - _coming soon_ - Endpoints for running real-time audio interpretation\n- Schedule - Endpoints for the conference schedule resources\n\nAll http-releated modules return a HttpResponse instance which you can\nbind to your own http framework (express, koa, etc).\n\n```ts\nclass HttpResponse {\n  constructor(\n    public status: number,\n    public body: any = '',\n    public headers: any = {}\n  ) {}\n}\n```\n\nThese modules internally use a set of services, some of which are provided\nbut all can be overidden to add your own implementations\n\n- Authentication - for authenticating requests / sockets\n- Conference - for pulling schedule resources from redis\n- Email - **user-provided** for sending emails to users i.e. when logging in\n- I18n - for loading translations and accessing them\n- Jwt - for signing and verifying Json Web Tokens\n- Postgres - for access to postgres with client-pooling\n- Query - for querying data from postgres\n- Redis - for fetching data from redis\n- Url - **user provided** for creating urls for resources / pages\n\nServices and Modules internally use structs which are written using\n[superstruct](https://www.npmjs.com/package/superstruct).\nsee [src/structs](./src/structs)\n\n## Extensions\n\nSome services you need to provide yourself as there is no agnostic way of implementing them\nand you can swap out any modules or services if you want to work differently.\n\nServices are the internal reusable logic and modules are public-facing code that\ncan be imported and used.\n\nThe components of the toolkit rely on dependency injection to talk to each other.\nA module or service is defined in three parts, say we were adding a `Random` module:\n\n```ts\n// First is the service interface\ninterface RandomModule {\n  generateFloat(min: number, max: number): number\n}\n\n// Second is the service's options\n// lets say it relies on a made up \"Entropy\" service\ninterface RandomOptions {\n  entropy: EntropyService\n}\n\n// Third is the constructor for the module\nfunction createRandomModule(options: RandomOptions): RandomModule {\n  return {\n    generateFloat(min, max) {\n      return min + Math.floor(entropy.generate() * (max - min))\n    },\n  }\n}\n```\n\n## Development\n\n### setup\n\n```bash\nnpm install\n```\n\n### regular use\n\n```bash\nnpm test\n```\n\n### irregular use\n\n```bash\n# manually run prettier (auto-runs on git-stage)\nnpm run format\n\n# manually lint typescript\nnpm run lint\n\n# generate coverage and open the report\nnpm run coverage\nopen coverage/lcov-report/index.html\n\n# generate the table of contents in this readme\nnpm run readme-toc\n\n# manually compile TypeScript\nnpm run build\n```\n\n### example app\n\n```bash\n# Run the docker stack and start the server\n# -\u003e Redis is on redis://localhost:6379\n# -\u003e Postgres is on postgres://user:secret@localhost:5432/user\n# -\u003e Server runs on http://localhost:3000\ndocker-compose up -f examples/docker-compose.yml\n```\n\n### releasing\n\nGit commits to this repo **must** follow [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/)\nwhich lets us auto-generate the [CHANGELOG.md](/CHANGELOG.md)\nand decide the next version of the package.\n\n```bash\n# generate a new version and publish it\nnpm release\n```\n\n---\n\n\u003e setup with [puggle](https://www.npmjs.com/package/puggle)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalinteraction%2Fdeconf-api-toolkit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdigitalinteraction%2Fdeconf-api-toolkit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdigitalinteraction%2Fdeconf-api-toolkit/lists"}