{"id":43627256,"url":"https://github.com/prismatic-io/spectral","last_synced_at":"2026-05-07T23:21:39.813Z","repository":{"id":39676032,"uuid":"282950439","full_name":"prismatic-io/spectral","owner":"prismatic-io","description":"Prismatic's TypeScript library for building Prismatic connectors and code-native integrations","archived":false,"fork":false,"pushed_at":"2026-02-04T14:34:17.000Z","size":1749,"stargazers_count":44,"open_issues_count":0,"forks_count":4,"subscribers_count":17,"default_branch":"main","last_synced_at":"2026-02-05T01:54:07.173Z","etag":null,"topics":["custom-components","integrations","nodejs","prismatic","typescript"],"latest_commit_sha":null,"homepage":"https://prismatic.io/docs/custom-connectors/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/prismatic-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-07-27T16:14:28.000Z","updated_at":"2026-02-04T14:31:01.000Z","dependencies_parsed_at":"2022-08-02T11:52:08.409Z","dependency_job_id":"5640182e-6704-47ce-9181-3dda03f07391","html_url":"https://github.com/prismatic-io/spectral","commit_stats":{"total_commits":152,"total_committers":15,"mean_commits":"10.133333333333333","dds":0.6644736842105263,"last_synced_commit":"45f6726b382dd10d0a561c7663e0fd334b6b5d90"},"previous_names":[],"tags_count":160,"template":false,"template_full_name":null,"purl":"pkg:github/prismatic-io/spectral","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prismatic-io%2Fspectral","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prismatic-io%2Fspectral/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prismatic-io%2Fspectral/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prismatic-io%2Fspectral/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/prismatic-io","download_url":"https://codeload.github.com/prismatic-io/spectral/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prismatic-io%2Fspectral/sbom","scorecard":{"id":660292,"data":{"date":"2025-08-11","repo":{"name":"github.com/prismatic-io/spectral","commit":"5ae09249ea9f0d4eabd02dedf2beff20a0c3b1b7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.6,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"15 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/test.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yaml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yaml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prismatic-io/spectral/test.yaml/main?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: TypeScriptPropertyBasedTesting integration found: packages/spectral/src/conditionalLogic/index.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/spectral/src/util.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/spectral/src/conditionalLogic/index.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/spectral/src/util.test.ts:1"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T15:57:42.960Z","repository_id":39676032,"created_at":"2025-08-21T15:57:42.961Z","updated_at":"2025-08-21T15:57:42.961Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29379636,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-12T19:05:20.189Z","status":"ssl_error","status_checked_at":"2026-02-12T19:01:44.216Z","response_time":55,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["custom-components","integrations","nodejs","prismatic","typescript"],"created_at":"2026-02-04T16:12:43.738Z","updated_at":"2026-05-07T23:21:39.807Z","avatar_url":"https://github.com/prismatic-io.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"https://prismatic.io/favicon-48x48.png\" /\u003e\n  \u003ch1\u003e@prismatic-io/spectral\u003c/h1\u003e\n\u003c/div\u003e\n\nThis monorepo contains packages to build custom Prismatic connectors and code-native integrations using TypeScript.\n\n## Building Locally\n\nThis repo uses [`mise`](https://mise.jdx.dev/) to manage toolchain versions (`node`, `bun`, and `gh`) and common tasks. With `mise` installed, run `mise install` from the repo root to provision the required tools.\n\nRun `bun install` to install node dependencies, `mise run build` to build all workspace packages and `mise run test` to run the test suites. `bun pack` and `bun link` are both useful for testing changes locally.\n\n## What is Prismatic?\n\nPrismatic is the leading embedded iPaaS, enabling B2B SaaS teams to ship product integrations faster and with less dev time. The only embedded iPaaS that empowers both developers and non-developers with tools for the complete integration lifecycle, Prismatic includes low-code and code-native building options, deployment and management tooling, and self-serve customer tools.\n\nPrismatic's unparalleled versatility lets teams deliver any integration from simple to complex in one powerful platform. SaaS companies worldwide, from startups to Fortune 500s, trust Prismatic to help connect their products to the other products their customers use.\n\nWith Prismatic, you can:\n\n- Build [integrations](https://prismatic.io/docs/integrations/) using our [intuitive low-code designer](https://prismatic.io/docs/integrations/low-code-integration-designer/) or [code-native](https://prismatic.io/docs/integrations/code-native/) approach in your preferred IDE\n- Leverage pre-built [connectors](https://prismatic.io/docs/components/) for common integration tasks, or develop custom connectors using our TypeScript SDK\n- Embed a native [integration marketplace](https://prismatic.io/docs/embed/) in your product for customer self-service\n- Configure and deploy customer-specific integration instances with powerful configuration tools\n- Support customers efficiently with comprehensive [logging, monitoring, and alerting](https://prismatic.io/docs/monitor-instances/)\n- Run integrations in a secure, scalable infrastructure designed for B2B SaaS\n- Customize the platform to fit your product, industry, and development workflows\n\n## Who uses Prismatic?\n\nPrismatic is built for B2B software companies that need to provide integrations to their customers. Whether you're a growing SaaS startup or an established enterprise, Prismatic's platform scales with your integration needs.\n\nOur platform is particularly powerful for teams serving specialized vertical markets. We provide the flexibility and tools to build exactly the integrations your customers need, regardless of the systems you're connecting to or how unique your integration requirements may be.\n\n## What kind of integrations can you build using Prismatic?\n\nPrismatic supports integrations of any complexity - from simple data syncs to sophisticated, industry-specific solutions. Teams use it to build integrations between any type of system, whether modern SaaS or legacy with standard or custom protocols. Here are some example use cases:\n\n- Connect your product with customers' ERPs, CRMs, and other business systems\n- Process data from multiple sources with customer-specific transformation requirements\n- Automate workflows with customizable triggers, actions, and schedules\n- Handle complex authentication flows and data mapping scenarios\n\nFor information on the Prismatic platform, check out our [website](https://prismatic.io/) and [docs](https://prismatic.io/docs/).\n\n## License\n\nThis repository is MIT licensed.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprismatic-io%2Fspectral","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprismatic-io%2Fspectral","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprismatic-io%2Fspectral/lists"}