{"id":13453126,"url":"https://github.com/joselfonseca/laravel-api","last_synced_at":"2025-10-05T21:31:37.242Z","repository":{"id":4261784,"uuid":"52485545","full_name":"joselfonseca/laravel-api","owner":"joselfonseca","description":"Laravel API starter Kit will provide you with the tools for making API's that everyone will love","archived":true,"fork":false,"pushed_at":"2023-02-01T19:26:28.000Z","size":16206,"stargazers_count":425,"open_issues_count":1,"forks_count":117,"subscribers_count":29,"default_branch":"develop","last_synced_at":"2025-01-24T13:37:26.542Z","etag":null,"topics":["aglio","api","composer","laravel-api","passport"],"latest_commit_sha":null,"homepage":"","language":"Blade","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/joselfonseca.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-02-25T00:51:03.000Z","updated_at":"2024-09-07T10:41:10.000Z","dependencies_parsed_at":"2023-02-17T10:00:39.204Z","dependency_job_id":null,"html_url":"https://github.com/joselfonseca/laravel-api","commit_stats":null,"previous_names":[],"tags_count":39,"template":false,"template_full_name":null,"purl":"pkg:github/joselfonseca/laravel-api","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joselfonseca%2Flaravel-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joselfonseca%2Flaravel-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joselfonseca%2Flaravel-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joselfonseca%2Flaravel-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/joselfonseca","download_url":"https://codeload.github.com/joselfonseca/laravel-api/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joselfonseca%2Flaravel-api/sbom","scorecard":{"id":533334,"data":{"date":"2025-08-11","repo":{"name":"github.com/joselfonseca/laravel-api","commit":"4d46d1d4ebd29de95880ce1ab87c131f2ebb462a"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/18 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/run-tests.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"16 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-wxmh-65f7-jcvw","Warn: Project is vulnerable to: GHSA-78fx-h6xr-vch4","Warn: Project is vulnerable to: GHSA-gv7v-rgg6-548h","Warn: Project is vulnerable to: GHSA-3527-qv2q-pfvx","Warn: Project is vulnerable to: GHSA-c2pc-g5qf-rfrf","Warn: Project is vulnerable to: GHSA-wj7q-gjg8-3cpm","Warn: Project is vulnerable to: GHSA-j3f9-p6hm-5w6q","Warn: Project is vulnerable to: GHSA-wjfc-pgfp-pv9c","Warn: Project is vulnerable to: GHSA-ff7q-6vwh-v9m4","Warn: Project is vulnerable to: GHSA-hg35-mp25-qf6h","Warn: Project is vulnerable to: GHSA-hm7p-r324-hhf3","Warn: Project is vulnerable to: GHSA-jpr7-q523-hx25","Warn: Project is vulnerable to: GHSA-jr22-8qgm-4q87","Warn: Project is vulnerable to: GHSA-mrqx-rp3w-jpjp","Warn: Project is vulnerable to: GHSA-h7vf-5wrv-9fhv","Warn: Project is vulnerable to: GHSA-qq5c-677p-737q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/joselfonseca/laravel-api/run-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/joselfonseca/laravel-api/run-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/joselfonseca/laravel-api/run-tests.yml/develop?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'develop'","Warn: branch protection not enabled for branch '7.0'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-20T06:16:35.195Z","repository_id":4261784,"created_at":"2025-08-20T06:16:35.195Z","updated_at":"2025-08-20T06:16:35.195Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278525526,"owners_count":26001321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-05T02:00:06.059Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aglio","api","composer","laravel-api","passport"],"created_at":"2024-07-31T08:00:33.459Z","updated_at":"2025-10-05T21:31:36.279Z","avatar_url":"https://github.com/joselfonseca.png","language":"Blade","funding_links":[],"categories":["Starter Projects"],"sub_categories":[],"readme":"## Laravel API Starter Kit\n\n[![Total Downloads](https://poser.pugx.org/joselfonseca/laravel-api/downloads.svg)](https://packagist.org/packages/joselfonseca/laravel-api) \n[![License](https://poser.pugx.org/laravel/framework/license.svg)](https://packagist.org/packages/laravel/framework)\n\n![](https://dev-to-uploads.s3.amazonaws.com/i/4om2rgvulc688tlcj31c.jpg)\n\nLaravel API starter Kit will provide you with the tools for making API's that everyone will love, API Authentication is already provided with passport. \n\nHere is a list of the packages installed:\n\n- [Laravel Passport](https://laravel.com/docs/8.x/passport)\n- [Laravel Socialite](https://laravel.com/docs/8.x/socialite)\n- [Laravel Fractal](https://github.com/spatie/laravel-fractal)\n- [Laravel Permission](https://github.com/spatie/laravel-permission)\n- [Intervention Image](http://image.intervention.io/)\n\n## Installation\n\nTo install the project you can use composer\n\n```bash\ncomposer create-project joselfonseca/laravel-api new-api\n```\n\nModify the .env file to suit your needs\n\n```\nAPP_NAME=Laravel\nAPP_ENV=local\nAPP_KEY=\nAPP_DEBUG=true\nAPP_URL=http://localhost\n\nLOG_CHANNEL=stack\nLOG_LEVEL=debug\n\nDB_CONNECTION=mysql\nDB_HOST=127.0.0.1\nDB_PORT=3306\nDB_DATABASE=laravel\nDB_USERNAME=root\nDB_PASSWORD=\n\nBROADCAST_DRIVER=log\nCACHE_DRIVER=file\nQUEUE_CONNECTION=sync\nSESSION_DRIVER=file\nSESSION_LIFETIME=120\n\nMEMCACHED_HOST=127.0.0.1\n\nREDIS_HOST=127.0.0.1\nREDIS_PASSWORD=null\nREDIS_PORT=6379\n\nMAIL_MAILER=smtp\nMAIL_HOST=mailhog\nMAIL_PORT=1025\nMAIL_USERNAME=null\nMAIL_PASSWORD=null\nMAIL_ENCRYPTION=null\nMAIL_FROM_ADDRESS=null\nMAIL_FROM_NAME=\"${APP_NAME}\"\n\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\nAWS_DEFAULT_REGION=us-east-1\nAWS_BUCKET=\n\nPUSHER_APP_ID=\nPUSHER_APP_KEY=\nPUSHER_APP_SECRET=\nPUSHER_APP_CLUSTER=mt1\n\nMIX_PUSHER_APP_KEY=\"${PUSHER_APP_KEY}\"\nMIX_PUSHER_APP_CLUSTER=\"${PUSHER_APP_CLUSTER}\"\n```\n\nWhen you have the .env with your database connection set up you can run your migrations\n\n```bash\nphp artisan migrate\n```\nThen run `php artisan passport:install`\n\nRun `php artisan db:seed` and you should have a new user with the roles and permissions set up\n\n## Tests\n\nNavigate to the project root and run `vendor/bin/phpunit` after installing all the composer dependencies and after the .env file was created.\n\n## API documentation\nThe project uses API blueprint as API spec and [Aglio](https://github.com/danielgtaylor/aglio) to render the API docs, please install aglio and [merge-apib](https://github.com/ValeriaVG/merge-apib) in your machine and then you can run the following command to compile and render the API docs \n```bash\ncomposer api-docs\n```\n\n## License\n\nThe Laravel API Starter kit is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoselfonseca%2Flaravel-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoselfonseca%2Flaravel-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoselfonseca%2Flaravel-api/lists"}