{"id":14973832,"url":"https://github.com/postgrest/postgrest","last_synced_at":"2026-04-02T11:58:43.880Z","repository":{"id":37450323,"uuid":"20787122","full_name":"PostgREST/postgrest","owner":"PostgREST","description":"REST API for any Postgres database","archived":false,"fork":false,"pushed_at":"2025-12-12T20:00:53.000Z","size":13073,"stargazers_count":26233,"open_issues_count":363,"forks_count":1137,"subscribers_count":329,"default_branch":"main","last_synced_at":"2025-12-13T00:08:25.390Z","etag":null,"topics":["api","automatic-api","database","haskell","http","pg","pgsql","postgres","postgresql","postgrest","rest","server","sql"],"latest_commit_sha":null,"homepage":"https://postgrest.org","language":"Haskell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PostgREST.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"patreon":"postgrest"}},"created_at":"2014-06-13T00:23:00.000Z","updated_at":"2025-12-12T22:55:40.000Z","dependencies_parsed_at":"2023-10-12T23:34:51.005Z","dependency_job_id":"178ae625-e7fe-40d6-ab84-98b39e24de88","html_url":"https://github.com/PostgREST/postgrest","commit_stats":{"total_commits":3539,"total_committers":222,"mean_commits":"15.941441441441441","dds":0.734670810963549,"last_synced_commit":"a064d0df94e60538aab35b76d61b9de74902ad05"},"previous_names":["begriffs/postgrest"],"tags_count":108,"template":false,"template_full_name":null,"purl":"pkg:github/PostgREST/postgrest","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PostgREST%2Fpostgrest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PostgREST%2Fpostgrest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PostgREST%2Fpostgrest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PostgREST%2Fpostgrest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PostgREST","download_url":"https://codeload.github.com/PostgREST/postgrest/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PostgREST%2Fpostgrest/sbom","scorecard":{"id":111661,"data":{"date":"2025-08-11","repo":{"name":"github.com/PostgREST/postgrest","commit":"1cd8934bb745a2e1c8f77a901ccc9d83c0309594"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.6,"checks":[{"name":"Code-Review","score":3,"reason":"Found 7/19 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yaml:62","Warn: no topLevel permission defined: .github/workflows/build.yaml:1","Warn: no topLevel permission defined: .github/workflows/check.yaml:1","Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Warn: no topLevel permission defined: .github/workflows/docs.yaml:1","Warn: no topLevel permission defined: .github/workflows/linkcheck.yaml:1","Warn: no topLevel permission defined: .github/workflows/release.yaml:1","Warn: no topLevel permission defined: .github/workflows/test.yaml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  28 out of  28 GitHub-owned GitHubAction dependencies pinned","Info:   6 out of   6 third-party GitHubAction dependencies pinned","Info:   1 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v13.0.4 not signed: https://api.github.com/repos/PostgREST/postgrest/releases/226035950","Warn: release artifact v13.0.3 not signed: https://api.github.com/repos/PostgREST/postgrest/releases/225920977","Warn: release artifact v13.0.2 not signed: https://api.github.com/repos/PostgREST/postgrest/releases/222548970","Warn: release artifact v13.0.1 not signed: https://api.github.com/repos/PostgREST/postgrest/releases/222281252","Warn: release artifact v13.0.0 not signed: https://api.github.com/repos/PostgREST/postgrest/releases/217435370","Warn: release artifact v13.0.4 does not have provenance: https://api.github.com/repos/PostgREST/postgrest/releases/226035950","Warn: release artifact v13.0.3 does not have provenance: https://api.github.com/repos/PostgREST/postgrest/releases/225920977","Warn: release artifact v13.0.2 does not have provenance: https://api.github.com/repos/PostgREST/postgrest/releases/222548970","Warn: release artifact v13.0.1 does not have provenance: https://api.github.com/repos/PostgREST/postgrest/releases/222281252","Warn: release artifact v13.0.0 does not have provenance: https://api.github.com/repos/PostgREST/postgrest/releases/217435370"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":6,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is not required on branch 'main'","Warn: no status checks found to merge onto branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yaml:131"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 22 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-15T12:24:14.826Z","repository_id":37450323,"created_at":"2025-08-15T12:24:14.826Z","updated_at":"2025-08-15T12:24:14.826Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27765951,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-16T02:00:10.477Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","automatic-api","database","haskell","http","pg","pgsql","postgres","postgresql","postgrest","rest","server","sql"],"created_at":"2024-09-24T13:49:28.921Z","updated_at":"2026-04-02T11:58:43.872Z","avatar_url":"https://github.com/PostgREST.png","language":"Haskell","funding_links":["https://patreon.com/postgrest","https://www.patreon.com/postgrest"],"categories":[],"sub_categories":[],"readme":"![Logo](static/postgrest.png \"Logo\")\n\n[![Donate](https://img.shields.io/badge/Donate-Patreon-orange.svg?colorB=F96854)](https://www.patreon.com/postgrest)\n[![Docs](https://img.shields.io/badge/docs-latest-brightgreen.svg?style=flat)](http://postgrest.org)\n[![Docker Stars](https://img.shields.io/docker/pulls/postgrest/postgrest.svg)](https://hub.docker.com/r/postgrest/postgrest/)\n[![Build Status](https://github.com/postgrest/postgrest/actions/workflows/ci.yaml/badge.svg?branch=main)](https://github.com/PostgREST/postgrest/actions?query=branch%3Amain)\n[![Coverage Status](https://img.shields.io/codecov/c/github/postgrest/postgrest/main)](https://app.codecov.io/gh/PostgREST/postgrest)\n[![Hackage docs](https://img.shields.io/hackage/v/postgrest.svg?label=hackage)](http://hackage.haskell.org/package/postgrest)\n\nPostgREST serves a fully RESTful API from any existing PostgreSQL\ndatabase. It provides a cleaner, more standards-compliant, faster\nAPI than you are likely to write from scratch.\n\n## Sponsors\n\n\u003ctable align=\"center\"\u003e\n  \u003ctbody\u003e\n    \u003ctr\u003e\n      \u003ctd align=\"center\" valign=\"middle\"\u003e\n        \u003ca href=\"https://www.cybertec-postgresql.com/en/?utm_source=postgrest.org\u0026utm_medium=referral\u0026utm_campaign=postgrest\" target=\"_blank\"\u003e\n          \u003cimg width=\"296px\" src=\"static/cybertec.svg\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n      \u003ctd align=\"center\" valign=\"middle\"\u003e\n        \u003ca href=\"https://supabase.io?utm_source=postgrest%20backers\u0026utm_medium=open%20source%20partner\u0026utm_campaign=postgrest%20backers%20github\u0026utm_term=homepage\" target=\"_blank\"\u003e\n          \u003cimg width=\"296px\" src=\"static/supabase.svg\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n      \u003ctd align=\"center\" valign=\"middle\"\u003e\n        \u003ca href=\"https://www.euronodes.com/postgrest\" target=\"_blank\"\u003e\n          \u003cimg width=\"296px\" src=\"static/euronodes.svg\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd align=\"center\" valign=\"middle\"\u003e\n        \u003ca href=\"https://neon.tech/?utm_source=sponsor\u0026utm_campaign=postgrest\" target=\"_blank\"\u003e\n          \u003cimg width=\"296px\" src=\"static/neon.jpg\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n      \u003ctd align=\"center\" valign=\"middle\"\u003e\n        \u003ca href=\"https://www.bytebase.com/?utm_source=sponsor\u0026utm_campaign=postgrest\" target=\"_blank\"\u003e\n          \u003cimg width=\"296px\" src=\"static/bytebase.svg\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n    \u003c/tr\u003e\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\nBig thanks to our sponsors! You can join them by supporting PostgREST on [Patreon](https://www.patreon.com/postgrest).\n\n## Usage\n\n1. See the docs for [how to install PostgREST on your platform](https://docs.postgrest.org/en/stable/explanations/install.html). You can also [use Docker](https://docs.postgrest.org/en/stable/explanations/install.html#docker).\n\n2. Invoke for help:\n\n    ```bash\n    postgrest --help\n    ```\n## [Documentation](http://postgrest.org)\n\nLatest documentation is at [postgrest.org](http://postgrest.org). You can contribute to the docs in [PostgREST/postgrest/docs](https://github.com/PostgREST/postgrest/tree/main/docs).\n\n## Performance\n\nTLDR; subsecond response times for up to 2000 requests/sec on Heroku\nfree tier. If you're used to servers written in interpreted languages,\nprepare to be pleasantly surprised by PostgREST performance.\n\nThree factors contribute to the speed. First the server is written\nin [Haskell](https://www.haskell.org/) using the\n[Warp](http://www.yesodweb.com/blog/2011/03/preliminary-warp-cross-language-benchmarks)\nHTTP server (aka a compiled language with lightweight threads).\nNext it delegates as much calculation as possible to the database\nincluding\n\n* Serializing JSON responses directly in SQL\n* Data validation\n* Authorization\n* Combined row counting and retrieval\n* Data post in single command (`returning *`)\n\nFinally it uses the database efficiently with the\n[Hasql](https://nikita-volkov.github.io/hasql-benchmarks/) library\nby\n\n* Keeping a pool of db connections\n* Using the PostgreSQL binary protocol\n* Being stateless to allow horizontal scaling\n\n## Security\n\nPostgREST [handles\nauthentication](http://postgrest.org/en/stable/auth.html) (via JSON Web\nTokens) and delegates authorization to the role information defined in\nthe database. This ensures there is a single declarative source of truth\nfor security.  When dealing with the database the server assumes the\nidentity of the currently authenticated user, and for the duration of\nthe connection cannot do anything the user themselves couldn't. Other\nforms of authentication can be built on top of the JWT primitive. See\nthe docs for more information.\n\n## Versioning\n\nA robust long-lived API needs the freedom to exist in multiple\nversions. PostgREST does versioning through database schemas. This\nallows you to expose tables and views without making the app brittle.\nUnderlying tables can be superseded and hidden behind public facing\nviews.\n\n## Self-documentation\n\nPostgREST uses the [OpenAPI](https://openapis.org/) standard to\ngenerate up-to-date documentation for APIs. You can use a tool like\n[Swagger-UI](https://github.com/swagger-api/swagger-ui) to render\ninteractive documentation for demo requests against the live API server.\n\nThis project uses HTTP to communicate other metadata as well.  For\ninstance the number of rows returned by an endpoint is reported by -\nand limited with - range headers. More about\n[that](http://begriffs.com/posts/2014-03-06-beyond-http-header-links.html).\n\n## Data Integrity\n\nRather than relying on an Object Relational Mapper and custom\nimperative coding, this system requires you to put declarative constraints\ndirectly into your database. Hence no application can corrupt your\ndata (including your API server).\n\nThe PostgREST exposes HTTP interface with safeguards to prevent\nsurprises, such as enforcing idempotent PUT requests.\n\nSee examples of [PostgreSQL\nconstraints](http://www.tutorialspoint.com/postgresql/postgresql_constraints.htm)\nand the [API guide](http://postgrest.org/en/stable/api.html).\n\n## Supporting development\n\nYou can help PostgREST ongoing maintenance and development by making a regular donation through Patreon https://www.patreon.com/postgrest\n\nEvery donation will be spent on making PostgREST better for the whole community.\n\n## Contributing\n\nContributions are always welcome and appreciated. Please see the [Contributing guidelines](https://github.com/PostgREST/postgrest/blob/main/CONTRIBUTING.md).\n\n## Thanks\n\nThe PostgREST organization is grateful to:\n\n- The project [sponsors and backers](https://github.com/PostgREST/postgrest/blob/main/BACKERS.md) who support PostgREST's development.\n- The project [contributors](https://github.com/PostgREST/postgrest/graphs/contributors) who have improved PostgREST immensely with their code\n  and good judgement. See more details in the [changelog](https://github.com/PostgREST/postgrest/blob/main/CHANGELOG.md).\n\nThe cool logo came from [Mikey Casalaina](https://github.com/casalaina).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostgrest%2Fpostgrest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpostgrest%2Fpostgrest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpostgrest%2Fpostgrest/lists"}