{"id":13478511,"url":"https://github.com/roapi/roapi","last_synced_at":"2026-02-11T14:34:39.188Z","repository":{"id":37471327,"uuid":"320426156","full_name":"roapi/roapi","owner":"roapi","description":"Create full-fledged APIs for slowly moving datasets without writing a single line of code.","archived":false,"fork":false,"pushed_at":"2025-12-23T02:42:34.000Z","size":1424,"stargazers_count":3394,"open_issues_count":63,"forks_count":209,"subscribers_count":39,"default_branch":"main","last_synced_at":"2026-02-04T11:08:53.452Z","etag":null,"topics":["analytics","arrow","blob-storage","cloud-native","columnar","datafusion","datasets","delta-lake","graphql","in-memory-database","parquet","query","query-frontends","rest-api","rust","s3","sql","static-datasets"],"latest_commit_sha":null,"homepage":"https://roapi.github.io/docs","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/roapi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-12-11T00:40:36.000Z","updated_at":"2026-02-04T10:29:57.000Z","dependencies_parsed_at":"2023-10-03T13:46:55.036Z","dependency_job_id":"e965170b-b3ce-4a7a-b5e8-456275beb3ba","html_url":"https://github.com/roapi/roapi","commit_stats":{"total_commits":259,"total_committers":34,"mean_commits":7.617647058823529,"dds":0.3011583011583011,"last_synced_commit":"08ec089a84fdd36e5c13cf16f3d30126ac07b5bc"},"previous_names":[],"tags_count":45,"template":false,"template_full_name":null,"purl":"pkg:github/roapi/roapi","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roapi%2Froapi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roapi%2Froapi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roapi%2Froapi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roapi%2Froapi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/roapi","download_url":"https://codeload.github.com/roapi/roapi/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roapi%2Froapi/sbom","scorecard":{"id":779605,"data":{"date":"2025-08-11","repo":{"name":"github.com/roapi/roapi","commit":"162dbfe5ad1b6815691b33fc9cc096e37773d767"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/30 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"9 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/roapi_release.yml:273","Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/columnq_cli_release.yml:1","Warn: no topLevel permission defined: .github/workflows/roapi_release.yml:1","Warn: no topLevel permission defined: .github/workflows/scheduled_security_audit.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact roapi-v0.12.6 not signed: https://api.github.com/repos/roapi/roapi/releases/225468891","Warn: release artifact roapi-v0.12.4 not signed: https://api.github.com/repos/roapi/roapi/releases/196026588","Warn: release artifact roapi-v0.12.3 not signed: https://api.github.com/repos/roapi/roapi/releases/193193627","Warn: release artifact columnq-cli-v0.7.0 not signed: https://api.github.com/repos/roapi/roapi/releases/193193577","Warn: release artifact roapi-v0.12.0 not signed: https://api.github.com/repos/roapi/roapi/releases/168587733","Warn: release artifact roapi-v0.12.6 does not have provenance: https://api.github.com/repos/roapi/roapi/releases/225468891","Warn: release artifact roapi-v0.12.4 does not have provenance: https://api.github.com/repos/roapi/roapi/releases/196026588","Warn: release artifact roapi-v0.12.3 does not have provenance: https://api.github.com/repos/roapi/roapi/releases/193193627","Warn: release artifact columnq-cli-v0.7.0 does not have provenance: https://api.github.com/repos/roapi/roapi/releases/193193577","Warn: release artifact roapi-v0.12.0 does not have provenance: https://api.github.com/repos/roapi/roapi/releases/168587733"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build.yml:198"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/columnq_cli_release.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/columnq_cli_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:247: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:276: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:279: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/roapi_release.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/roapi_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled_security_audit.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/scheduled_security_audit.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scheduled_security_audit.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/roapi/roapi/scheduled_security_audit.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:5","Warn: containerImage not pinned by hash: Dockerfile:21","Warn: containerImage not pinned by hash: Dockerfile:27","Warn: containerImage not pinned by hash: Dockerfile:34","Warn: containerImage not pinned by hash: Dockerfile:46: pin your Docker image by updating debian:bookworm-slim to debian:bookworm-slim@sha256:b1a741487078b369e78119849663d7f1a5341ef2768798f7b7406c4240f86aef","Warn: downloadThenRun not pinned by hash: Dockerfile:7","Warn: pipCommand not pinned by hash: .github/workflows/columnq_cli_release.yml:50","Warn: pipCommand not pinned by hash: .github/workflows/columnq_cli_release.yml:61","Warn: pipCommand not pinned by hash: .github/workflows/columnq_cli_release.yml:190","Warn: pipCommand not pinned by hash: .github/workflows/columnq_cli_release.yml:239","Warn: pipCommand not pinned by hash: .github/workflows/roapi_release.yml:215","Warn: pipCommand not pinned by hash: .github/workflows/roapi_release.yml:264","Warn: pipCommand not pinned by hash: .github/workflows/roapi_release.yml:55","Warn: pipCommand not pinned by hash: .github/workflows/roapi_release.yml:70","Info:   0 out of  38 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  35 third-party GitHubAction dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned","Info:   0 out of   8 pipCommand dependencies pinned","Info:   0 out of   5 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 20 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: RUSTSEC-2023-0067","Warn: Project is vulnerable to: RUSTSEC-2024-0384","Warn: Project is vulnerable to: RUSTSEC-2023-0055 / GHSA-c2hm-mjxv-89r4","Warn: Project is vulnerable to: GHSA-2326-pfpj-vx3h","Warn: Project is vulnerable to: RUSTSEC-2023-0086","Warn: Project is vulnerable to: RUSTSEC-2022-0040 / GHSA-9qxh-258v-666c","Warn: Project is vulnerable to: RUSTSEC-2024-0436","Warn: Project is vulnerable to: RUSTSEC-2025-0047 / GHSA-qx2v-8332-m4fv","Warn: Project is vulnerable to: RUSTSEC-2024-0320"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T04:36:03.262Z","repository_id":37471327,"created_at":"2025-08-23T04:36:03.262Z","updated_at":"2025-08-23T04:36:03.262Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29335274,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-11T14:34:07.188Z","status":"ssl_error","status_checked_at":"2026-02-11T14:34:06.809Z","response_time":97,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analytics","arrow","blob-storage","cloud-native","columnar","datafusion","datasets","delta-lake","graphql","in-memory-database","parquet","query","query-frontends","rest-api","rust","s3","sql","static-datasets"],"created_at":"2024-07-31T16:01:58.048Z","updated_at":"2026-02-11T14:34:39.153Z","avatar_url":"https://github.com/roapi.png","language":"Rust","readme":"# ROAPI\n\n![build](https://github.com/roapi/roapi/workflows/build/badge.svg)\n[![Documentation](https://img.shields.io/badge/-documentation-blue)](https://roapi.github.io/docs/index.html)\n[![discord](https://dcbadge.vercel.app/api/server/t3pjfZkZkZ?compact=true\u0026style=flat)](https://discord.gg/FchMNYTm7G)\n\nROAPI automatically spins up read-only APIs for static datasets without\nrequiring you to write a single line of code. It builds on top of [Apache\nArrow](https://github.com/apache/arrow) and\n[Datafusion](https://github.com/apache/arrow-datafusion). The\ncore of its design can be boiled down to the following:\n\n- [Query frontends](https://roapi.github.io/docs/api/query/index.html) to\n  translate SQL, FlightSQL, GraphQL and REST API queries into\n  Datafusion plans.\n- Datafusion for query plan execution.\n- [Data layer](https://roapi.github.io/docs/config/dataset-formats/index.html)\n  to load datasets from a variety of sources and formats with automatic schema\n  inference.\n- [Response encoding layer](https://roapi.github.io/docs/api/response.html) to\n  serialize intermediate Arrow record batch into various formats requested by\n  client.\n\nSee below for a high level diagram:\n\n\u003cimg alt=\"roapi-design-diagram\" src=\"https://roapi.github.io/docs/images/roapi.png\"\u003e\n\n## Installation\n\n### Install pre-built binary\n\n```bash\n# if you are using homebrew\nbrew install roapi\n# or if you prefer pip\npip install roapi\n```\n\nCheck out [Github release page](https://github.com/roapi/roapi/releases) for\npre-built binaries for each platform. Pre-built docker images are also available at\n[ghcr.io/roapi/roapi](https://github.com/orgs/roapi/packages/container/package/roapi).\n\n### Install from source\n\n```bash\ncargo install --locked --git https://github.com/roapi/roapi --branch main --bins roapi\n```\n\n## Usage\n\n### Quick start\n\nSpin up APIs for `test_data/uk_cities_with_headers.csv` and\n`test_data/spacex_launches.json`:\n\n```bash\nroapi \\\n    --table \"uk_cities=test_data/uk_cities_with_headers.csv\" \\\n    --table \"test_data/spacex_launches.json\"\n```\n\nOr using docker:\n\n```bash\ndocker run -t --rm -p 8080:8080 ghcr.io/roapi/roapi:latest --addr-http 0.0.0.0:8080 \\\n    --table \"uk_cities=test_data/uk_cities_with_headers.csv\" \\\n    --table \"test_data/spacex_launches.json\"\n```\n\nQuery data using the builtin web UI at `http://localhost:8080/ui`:\n\n\u003cimg alt=\"roapi-design-diagram\" src=\"https://roapi.github.io/docs/images/ui.png\"\u003e\n\nQuery data using SQL, GraphQL or REST via curl:\n\n```bash\ncurl -X POST -d \"SELECT city, lat, lng FROM uk_cities LIMIT 2\" localhost:8080/api/sql\ncurl -X POST -d \"query { uk_cities(limit: 2) {city, lat, lng} }\" localhost:8080/api/graphql\ncurl \"localhost:8080/api/tables/uk_cities?columns=city,lat,lng\u0026limit=2\"\n```\n\nGet inferred schema for all tables:\n\n```bash\ncurl 'localhost:8080/api/schema'\n```\n\nFor MySQL and SQLite, specify the table argument like below:\n```\n--table \"table_name=mysql://username:password@localhost:3306/database\"\n--table \"table_name=sqlite://path/to/database\"\n```\n\nWant dynamic register data? Add parameter `-d` to command. `--table` parameter cannot be ignored for now.\n```bash\nroapi \\\n    --table \"uk_cities=test_data/uk_cities_with_headers.csv\" \\\n    -d\n```\n\nThen post config to `/api/table` register data.\n```bash\ncurl -X POST http://172.24.16.1:8080/api/table \\\n     -H 'Content-Type: application/json' \\\n     -d '[\n       {\n         \"tableName\": \"uk_cities2\",\n         \"uri\": \"./test_data/uk_cities_with_headers.csv\"\n       },\n       {\n         \"tableName\": \"table_name\",\n         \"uri\": \"sqlite://path/to/database\"\n       }\n     ]'\n```\n\nFor windows, full scheme(file:// or filesystem://) must filled, and use double quote(\") instead of single quote(') to escape windows cmdline limit:\n\n```bash\nroapi \\\n    --table \"uk_cities=file://d:/path/to/uk_cities_with_headers.csv\" \\\n    --table \"file://d:/path/to/test_data/spacex_launches.json\"\n```\n\n\n### Config file\n\nYou can also configure multiple table sources using YAML or Toml config, which supports more\nadvanced format specific table options:\n\n```yaml\naddr:\n  http: 0.0.0.0:8080\n  postgres: 0.0.0.0:5433\ntables:\n  - name: \"blogs\"\n    uri: \"test_data/blogs.parquet\"\n\n  - name: \"ubuntu_ami\"\n    uri: \"test_data/ubuntu-ami.json\"\n    option:\n      format: \"json\"\n      pointer: \"/aaData\"\n      array_encoded: true\n    schema:\n      columns:\n        - name: \"zone\"\n          data_type: \"Utf8\"\n        - name: \"name\"\n          data_type: \"Utf8\"\n        - name: \"version\"\n          data_type: \"Utf8\"\n        - name: \"arch\"\n          data_type: \"Utf8\"\n        - name: \"instance_type\"\n          data_type: \"Utf8\"\n        - name: \"release\"\n          data_type: \"Utf8\"\n        - name: \"ami_id\"\n          data_type: \"Utf8\"\n        - name: \"aki_id\"\n          data_type: \"Utf8\"\n\n  - name: \"spacex_launches\"\n    uri: \"https://api.spacexdata.com/v4/launches\"\n    option:\n      format: \"json\"\n\n  - name: \"github_jobs\"\n    uri: \"https://web.archive.org/web/20210507025928if_/https://jobs.github.com/positions.json\"\n```\n\nTo run serve tables using config file:\n\n```bash\nroapi -c ./roapi.yml # or .toml\n```\n\nSee [config\ndocumentation](https://roapi.github.io/docs/config/config-file.html) for more\noptions including [using Google spreadsheet as a table\nsource](https://roapi.github.io/docs/config/dataset-formats/gsheet.html).\n\n### Response serialization\n\nBy default, ROAPI encodes responses in JSON format, but you can request\ndifferent encodings by specifying the `ACCEPT` header:\n\n```bash\ncurl -X POST \\\n    -H 'ACCEPT: application/vnd.apache.arrow.stream' \\\n    -d \"SELECT launch_library_id FROM spacex_launches WHERE launch_library_id IS NOT NULL\" \\\n    localhost:8080/api/sql\n```\n\n### REST API query interface\n\nYou can query tables through REST API by sending `GET` requests to\n`/api/tables/{table_name}`. Query operators are specified as query params.\n\nREST query frontend currently supports the following query operators:\n\n- columns\n- sort\n- limit\n- filter\n\nTo sort column `col1` in ascending order and `col2` in descending order, set\nquery param to: `sort=col1,-col2`.\n\nTo find all rows with `col1` equal to string `'foo'`, set query param to:\n`filter[col1]='foo'`. You can also do basic comparisons with filters, for\nexample predicate `0 \u003c= col2 \u003c 5` can be expressed as\n`filter[col2]gte=0\u0026filter[col2]lt=5`.\n\n### GraphQL query interface\n\nTo query tables using GraphQL, send the query through `POST` request to\n`/api/graphql` endpoint.\n\nGraphQL query frontend supports the same set of operators supported by [REST\nquery frontend](https://roapi.github.io/docs/api/query/rest.html). Here how is\nyou can apply various operators in a query:\n\n```graphql\n{\n  table_name(\n    filter: { col1: false, col2: { gteq: 4, lt: 1000 } }\n    sort: [{ field: \"col2\", order: \"desc\" }, { field: \"col3\" }]\n    limit: 100\n  ) {\n    col1\n    col2\n    col3\n  }\n}\n```\n\n### SQL query interface\n\nTo query tables using a subset of standard SQL, send the query through `POST`\nrequest to `/api/sql` endpoint. This is the only query interface that supports\ntable joins.\n\n\n### Key value lookup\n\nYou can pick two columns from a table to use a key and value to create a quick\nkeyvalue store API by adding the following lines to the config:\n\n```yaml\nkvstores:\n  - name: \"launch_name\"\n    uri: \"test_data/spacex_launches.json\"\n    key: id\n    value: name\n```\n\nKey value lookup can be done through simple HTTP GET requests:\n\n```bash\ncurl -v localhost:8080/api/kv/launch_name/600f9a8d8f798e2a4d5f979e\nStarlink-21 (v1.0)%\n```\n\n### Query through Postgres wire protocol\n\nROAPI can present itself as a Postgres server so users can use Postgres clients\nto issue SQL queries.\n\n```bash\n$ psql -h 127.0.0.1\npsql (12.10 (Ubuntu 12.10-0ubuntu0.20.04.1), server 13)\nWARNING: psql major version 12, server major version 13.\n         Some psql features might not work.\nType \"help\" for help.\n\nhouqp=\u003e select count(*) from uk_cities;\n COUNT(UInt8(1))\n-----------------\n              37\n(1 row)\n```\n\n\n## Features\n\nQuery layer:\n\n- [x] REST API GET\n- [x] GraphQL\n- [x] SQL\n- [x] join between tables\n- [x] access to array elements by index\n- [x] access to nested struct fields by key\n- [ ] column index\n- protocol\n  - [x] Postgres\n  - [x] FlightSQL\n- [x] Key value lookup\n\nResponse serialization:\n\n- [x] JSON `application/json`\n- [x] Arrow `application/vnd.apache.arrow.stream`\n- [x] Parquet `application/vnd.apache.parquet`\n- [ ] msgpack\n\nData layer:\n\n- [x] filesystem\n- [x] HTTP/HTTPS\n- [x] S3\n- [x] GCS\n- [x] Azure Storage\n- [x] Google spreadsheet\n- [x] MySQL\n- [x] SQLite\n- [x] Postgres\n- [ ] Airtable\n- Data format\n  - [x] CSV\n  - [x] JSON\n  - [x] NDJSON\n  - [x] parquet\n  - [x] xls, xlsx, xlsb, ods: https://github.com/tafia/calamine\n  - [x] [DeltaLake](https://delta.io/)\n\nMisc:\n\n- [ ] auto gen OpenAPI doc for rest layer\n- [ ] query input type conversion based on table schema\n- [ ] stream arrow encoding response\n- [ ] authentication layer\n\n## Development\n\nThe core of ROAPI, including query front-ends and data layer, lives in the\nself-contained [columnq](https://github.com/roapi/roapi/tree/main/columnq)\ncrate. It takes queries and outputs Arrow record batches. Data sources will\nalso be loaded and stored in memory as Arrow record batches.\n\nThe [roapi](https://github.com/roapi/roapi/tree/main/roapi) crate wraps\n`columnq` with a multi-protocol query layer. It serializes Arrow record batches\nproduced by `columnq` into different formats based on client request.\n\n### Debug\n\nTo log all FlightSQL requests in console, set `RUST_LOG=tower_http=trace`.\n\n### Build Docker image\n\n```bash\ndocker build --rm -t ghcr.io/roapi/roapi:latest .\n```\n### VS Code DevContainer\n\n#### Requirements\n- [x] Vscode\n- [x] Ensure this extension is installed on your vs code `ms-vscode-remote.remote-containers`\n---\nOnce done you will see prompt from left side to reopen the project in dev container or open command palette and search for open with remote container:\n\n1. install dependencies\n```bash \napt-get update  \u0026\u0026 apt-get install --no-install-recommends -y cmake\n```\n2. connect to database from your local using db client of choice using the following credentials\n```\nusername: user\npassword: user\ndatabase: test\n```\nonce done create table so you can map it in `-t` arg or consider using sample in `.devcontainer/db-migration.sql` to populate some tables with data\n\n3. run cargo command with mysql db as feature\n```bash\ncargo run --bin roapi --features database -- -a localhost:8080 -t posts=mysql://user:user@db:3306/test \n```\notherwise if you are looking for other features \nyou have to select appropriate one from `roapi/Cargo.toml` \n\n\n","funding_links":[],"categories":["Rust","后端开发框架及项目","analytics","\u003ca name=\"data-management\"\u003e\u003c/a\u003eData management","\u003ca name=\"Rust\"\u003e\u003c/a\u003eRust"],"sub_categories":["后端项目_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froapi%2Froapi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froapi%2Froapi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froapi%2Froapi/lists"}