{"id":45825074,"url":"https://github.com/pkgjs/wiby","last_synced_at":"2026-02-26T21:51:11.650Z","repository":{"id":41885889,"uuid":"261563473","full_name":"pkgjs/wiby","owner":"pkgjs","description":"\"Will I break you\" - a tool for testing dependents","archived":false,"fork":false,"pushed_at":"2026-02-21T13:50:35.000Z","size":3158,"stargazers_count":40,"open_issues_count":26,"forks_count":9,"subscribers_count":4,"default_branch":"main","last_synced_at":"2026-02-21T20:23:15.159Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pkgjs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-05-05T19:22:24.000Z","updated_at":"2025-12-15T21:39:45.000Z","dependencies_parsed_at":"2025-05-12T00:23:32.238Z","dependency_job_id":"7a5e87c6-d842-49cc-bc46-cba58c96b5c4","html_url":"https://github.com/pkgjs/wiby","commit_stats":{"total_commits":157,"total_committers":13,"mean_commits":"12.076923076923077","dds":"0.45222929936305734","last_synced_commit":"a777be1032aa829969d8df4e4f696dfbe73616d5"},"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/pkgjs/wiby","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkgjs%2Fwiby","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkgjs%2Fwiby/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkgjs%2Fwiby/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkgjs%2Fwiby/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pkgjs","download_url":"https://codeload.github.com/pkgjs/wiby/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pkgjs%2Fwiby/sbom","scorecard":{"id":736437,"data":{"date":"2025-08-11","repo":{"name":"github.com/pkgjs/wiby","commit":"f56742b757cb1eb26f1de0107ceb40070470d675"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Code-Review","score":7,"reason":"Found 11/14 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Warn: no topLevel permission defined: .github/workflows/wiby.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: untrusted code checkout '${{ github.event.pull_request.head.ref }}': .github/workflows/wiby.yaml:69","Warn: untrusted code checkout '${{ github.event.pull_request.head.ref }}': .github/workflows/wiby.yaml:144"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wiby.yaml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wiby.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wiby.yaml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wiby.yaml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/wiby.yaml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/pkgjs/wiby/wiby.yaml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/wiby.yaml:87","Warn: npmCommand not pinned by hash: .github/workflows/wiby.yaml:178","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   9 third-party GitHubAction dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/pkgjs/.github/SECURITY.md:1","Info: Found linked content: github.com/pkgjs/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/pkgjs/.github/SECURITY.md:1","Info: Found text in security policy: github.com/pkgjs/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 2 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T16:00:14.310Z","repository_id":41885889,"created_at":"2025-08-22T16:00:14.310Z","updated_at":"2025-08-22T16:00:14.310Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29873855,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-26T21:05:00.265Z","status":"ssl_error","status_checked_at":"2026-02-26T20:57:13.669Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-02-26T21:51:10.963Z","updated_at":"2026-02-26T21:51:11.627Z","avatar_url":"https://github.com/pkgjs.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WIBY (**W**ill **I** **B**reak **Y**ou)\n\nA tool for testing dependents\n\nThis repository is managed by the [Package Maintenance Working Group](https://github.com/nodejs/package-maintenance), see [Governance](https://github.com/nodejs/package-maintenance/blob/master/Governance.md).\n\n## Purpose\nWiby is a tool that will inform and trigger actions on a package to notify it that a registered dependency change may break\nit. This is different from triggering tests once a dependency has been published. The goal is to inform before publication.\nThis will answer the question, \"will I break you?\", not \"did I break you?\".\n\nThe most basic notification of a change in a dependency will be a PR raised in the the dependent repository.\n\nWiby provides 5 basic commands test, clean, close, validate \u0026 result. The tool is intended to provide maintainers with a\nmechanism to both test and inform dependents of possible future breakages.\n\n### Terminology\nThe term **depenedent** shall mean an npm package that consumes another npm package, called a **dependency**, directly\nor indirectly via a tree of reliance through the package.json file. The **wiby** program exists to create a notification to the *dependent*\npackage maintainers of changes made in a dependency. The **WIBY** program, when configured correctly, will raise a Pull\nRequest against the dependent package informing of the change. The **intent** is to provide a notification of possible\nbreakages of the dependent due to reliance on a dependency. No distinction is made between dev and non-dev dependencies.\nThey are all dependencies that could break \"the-example-dependent\" in some operational or test manner. It is noted that\nin general dependent and dependencies are modules they can equally be repositories. For the purpose of this readme examples\nuse github.\n\n![Dependent Dependency Relationship](./images/Dependent-Dependency-Relationship.png)\n\n## Pre-requisites\n\n### Github Token\n\nwiby requires an environment variable `GITHUB_TOKEN` set to a Github access token. This token needs to be granted push\npermissions to the dependent repos.\n\nExample: `export GITHUB_TOKEN=XXXXX`\n\nFor more information on creating a github token see [Github's docs](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token)\n\n### Running location\n\nwiby is designed to be run from inside the folder containing your source code. This folder needs to be a git repository with a `package.json` that contains information about the packages source on Github.\nExample:\n\n```\n{\n...\n  \"repository\": {\n    \"type\": \"git\",\n    \"url\": \"https://github.com/ORGNAME/REPONAME.git\"\n  }\n...\n}\n```\n\n## Available commands\n\n[wiby test](./USAGE.md#wiby-test)    Test your dependents\n\n[wiby clean](./USAGE.md#wiby-clean) Clean (delete) a PR raised by Wiby\n\n[wiby close_pr](./USAGE.md#wiby-test) Close a PR that was raised by Wiby and successfully run\n\n[wiby validate](./USAGE.md#wiby-validate) Test the validity of the json in the .wiby.json file\n\n[wiby result](./USAGE.md#wiby-result) Fetch the results of your tests\n\n## Development\n\n- This repository uses `semantic-release` with default configuration.\n- Create a new release by running `npx semantic-release`.\n## Examples\n\n- [wiby test](#example-1)\n- [wiby clean](#example-2)\n- [wiby close-pr](#example-3)\n- [wiby validate](#example-4)\n- [wiby result](#example-5)\n\n\nIn the examples the dependent npm package has the following package.json file. From this it is clear it has a dependency\non an example called [example-dependency-id-a](https://github.com/ghinks/example-dependency-id-a). The examples given \nwill show how to configure wiby so that the dependency \"example-dependency-id-a\" will be able to inform the dependent, \n[example-dependent-id-a](https://github.com/ghinks/example-dependent-id-a), of prospective issues.\n\n```json\n{\n  \"name\": \"example-dependent-id-a\",\n  \"version\": \"1.0.0\",\n  \"main\": \"index.js\",\n  \"scripts\": {\n    \"test\": \"tap test.js\"\n  },\n  \"repository\": {\n    \"type\": \"git\",\n    \"url\": \"git+https://github.com/ghinks/example-dependent-id-a.git\"\n  },\n  \"license\": \"ISC\",\n  \"bugs\": {\n    \"url\": \"https://github.com/ghinks/example-dependent-id-a/issues\"\n  },\n  \"homepage\": \"https://github.com/ghinks/example-dependent-id-a#readme\",\n  \"devDependencies\": {\n    \"tap\": \"^15.1.2\"\n  },\n  \"dependencies\": {\n    \"@gvhinks/example-dependency-id-a\": \"^0.0.0-development\"\n  }\n}\n```\nIn this simple case the **dependent** package is called \"example-dependent-id-a\" and the dependencies are\n* tap\n* @gvhinks/example-dependency-id-a\n\nIf WIBY were configured in the dependencies **@gvhinks/example-dependency-id-a** then changes in the that\ndependency would raise a Pull Request agaist the \"example-dependent-id-a\" when the WIBY command was run within this\nrepository.\n\n### \u003ca id=\"example-1\"\u003e\u003c/a\u003eExample 1 wiby test, simply dependent breakage check run locally\nThe following is the most simple use case for *wiby test*. Given a dependent, example-dependent-id-a, and its dependency \nexample-dependency-id-a the following steps are required to raise a notification against the dependent of changes in the \ndependency.\n\n- install wiby as a dependency of example-dependency-id-a\n- create the .wiby.json configuration file\n- ensure that GITHUB_TOKEN is exported\n- run wiby test in the dependency example-dependency-id-a\n\nThis will raise a PR against the dependent configured in the .wiby.json configuration file. It is also possible to use\nwiby with command line arguments and this will be shown in a subsequent example.\n\n#### Step #1 Install Wiby\n```shell\nnpm i wiby -D\n```\n\n#### Step #2 create the .wiby.json configuration file\n\n```shell\necho '{\n  \"dependents\": [\n    {\n      \"repository\": \"https://github.com/ghinks/example-dependent-id-a.git\",\n      \"pullRequest\": true\n    }\n  ]\n} ' \u003e .wiby.json\n```\nThis means that example-dependency-id-a knows that upstream example-dependent-id-a consumes it.\n\n#### Step #3 ensure GITHUB_TOKEN is exported\n\n```shell\nexport GITHUB_TOKEN=XXXXX\n```\n\n#### Step #4 Run Wiby locally\n\n```shell\nwiby test\n```\n\n![Wiby Test Cli Command Output](./images/wiby-test-cli-with-callouts.png)\n\nThis raises a PR against the dependent as specified in the \".wiby.json\" file\n\n![Example PR raised by Wiby on Dependent](./images/PR-from-wiby-with-callouts.png)\n\nIt is to be noted that this example only uses one dependent object in the dependents array. The intent is that \nmany dependents may be tested in a real world scenario.\n\n### \u003ca id=\"example-2\"\u003e\u003c/a\u003eExample 2 *Wiby Clean*\n\nThe *Wiby Test* command results in a PR being raised on the dependent package. The opposite of raising a PR would be to\ndelete a PR that has been previously raised by *Wiby*. The *wiby clean* command carries out this action. It removes a \nPR that was previously raised by running the *wiby test* command. Note that the PR is deleted no matter the state of the \nPR. Meaning the PR will be deleted if the tests passed or failed.\n\nThe following example demonstrates the use of *wiby clean* based upon the specified dependents in the \".wiby.json\" \nconfiguration file. It is to be noted that command line arguments may also be used instead of the \".wiby.json\" file.\nThe PR raised in the dependent is identified using wiby's PR naming schema.\n\nThe following steps are required to run *wiby clean*\n- ensure that GITHUB_TOKEN is exported\n- run wiby clean in the dependency example-dependency-id-a\n\nfor this example it is assumed that the dependency \"example-dependency-id-a\" has a \".wiby.json\" that contains \n\n```json\n{\n  \"dependents\": [\n    {\n      \"repository\": \"https://github.com/ghinks/example-dependent-id-a.git\",\n      \"pullRequest\": true\n    }\n  ]\n}\n```\nThis means that example-dependency-id-a knows that upstream example-dependent-id-a consumes it.\n\nWhen *wiby clean* is run. The parent dependency's PR, in this case example-dependency-id-a, is deleted.\n\n![Wiby clean run on command line via .wiby.json file](./images/wiby-clean-example-on-cli.png)\n\n\nIt is to be noted that this example only uses one dependent object in the dependents array. The intent is that\nmany dependents may be cleaned in a real world scenario.\n\n### \u003ca id=\"example-3\"\u003e\u003c/a\u003eExample 3 Wiby close-pr\nWhen tests have been run successfully by wiby you can close the raised PRs with the wiby close pr command. The same \npre-requisite of having a GITHUB_TOKEN applies.\n\n- ensure that GITHUB_TOKEN is exported\n- run wiby close-pr\n\n```shell\nwiby close-pr\n```\n\nOnly those tests that have passed successfully will have their PRs closed.\n\n![Wiby close-pr command line via .wiby.json file](./images/wiby-close-pr-cli.png)\n\nThe close-pr command does delete the branch that was used to create the pull request.\n\n### \u003ca id=\"example-4\"\u003e\u003c/a\u003eExample 4 Wiby validate\nThe although you can pass command line arguments to wiby the *.wiby.json* file is envisioned as the primary automation\nconfiguration file. The *.wiby.json* file has a particular schema which is enforced. To validate your *.wiby.json* file\nrun the *wiby validate* command in the directory with your *.wiby.json* file.\n\nThe validation is based upon the schema.\n\n```shell\nwiby validate\n```\nThis will validate the .wiby.json file. Or the command\n\n```shell\nwiby validate --config other-config.json\n```\nWill validate a file of another name for the schema below.\n\n```json\n   \"dependents\": [\n    {\n      \"repository\": \"https://github.com/some/repo\"\n      \"pullRequest\": true\n    }\n  ]\n```\nThe repository field must be a valid URI with protocols \n- https\n- git\n- git+https\n\n### \u003ca id=\"example-5\"\u003e\u003c/a\u003eExample 5 Wiby Result\n\nWhen a wiby test is run the resulting PR raised will trigger the automated testing in the dependent's CI system. The \nstatus of the PR raised by wiby can be interrogated using the **wiby result** command. This will fetch the status of \nthe PR back to the command line.\n\n- ensure that GITHUB_TOKEN is exported\n- run wiby close-pr\n\nImmediately the wiby test command is run the \n\n![wiby result before PR completes tests](./images/wiby-result-queued.png)\n\nAfter the tests have been queued the results will show that the checks are null.\n\n![wiby result after PR tests complete](./images/wiby-result-success.png)\n\nAfter the tests have run the results will show that the checks are successful.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpkgjs%2Fwiby","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpkgjs%2Fwiby","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpkgjs%2Fwiby/lists"}