Releases: BunsDev/codeql-sdk

codeql-sdk v1.1.0

30 Apr 05:04
c76d86c

What's changed

  • Added GitHub maintainer risk scoring for skill audits.
  • Infers a GitHub owner from skill metadata or accepts an explicit owner override.
  • Uses the GitHub REST API to assess public repository footprint, account age, followers, organization ownership, and skill-like repository counts.
  • Includes github-readme-stats reputation enrichment via https://github-readme-stats.vercel.app/api.
  • Adds CLI flags: --github-risk, --github-owner, --github-token, --github-skill-threshold, and --no-github-readme-stats.
  • Adds AuditResult.githubRisk plus exported helpers assessGitHubUserRisk and inferGitHubOwnerFromSkill.
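
How signals like the ones listed above can be combined into a maintainer risk level, as an added example that is not codeql-sdk's own code and does not call its assessGitHubUserRisk helper. The input fields (login, type, created_at, followers, public_repos) are those of GitHub's REST user object; the function names, weights, thresholds and the "skill-like" heuristic are assumptions made for illustration.

```javascript
// Added illustration, NOT codeql-sdk's implementation: weights, thresholds and the
// "skill-like" heuristic are assumptions. Input fields follow GitHub's REST user object.
const DAY_MS = 24 * 60 * 60 * 1000;

// Assumed heuristic: a repo is "skill-like" if its name, description or topics mention "skill".
function isSkillLike(repo) {
  return /skill/i.test([repo.name, repo.description || "", ...(repo.topics || [])].join(" "));
}

function scoreMaintainer(user, repos, { now = new Date(), skillThreshold = 5 } = {}) {
  const reasons = [];
  let score = 0;
  const flag = (points, reason) => { score += points; reasons.push(reason); };

  const isOrg = user.type === "Organization";
  const ageDays = Math.floor((now - new Date(user.created_at)) / DAY_MS);
  const skillRepos = repos.filter(isSkillLike).length;

  if (ageDays < 30) flag(40, `account is only ${ageDays} days old`);
  else if (ageDays < 365) flag(15, "account is under a year old");
  // Assumption: follower count is only a meaningful signal for personal accounts.
  if (!isOrg && user.followers < 5) flag(20, `personal account with ${user.followers} followers`);
  if (user.public_repos < 3) flag(15, "very small public repository footprint");
  // A young account mass-publishing skills is the pattern worth a manual look.
  if (ageDays < 365 && skillRepos >= skillThreshold)
    flag(25, `${skillRepos} skill-like repos from a young account`);

  const level = score >= 60 ? "high" : score >= 30 ? "medium" : "low";
  return { owner: user.login, isOrg, ageDays, skillRepos, score, level, reasons };
}

// Constructed sample data (not real accounts), evaluated at a fixed date for repeatability.
const NOW = new Date("2025-04-30T00:00:00Z");
const newPublisher = {
  user: { login: "new-publisher-example", type: "User", created_at: "2025-04-10T00:00:00Z",
          followers: 0, public_repos: 12 },
  repos: Array.from({ length: 6 }, (_, i) => ({ name: `agent-skill-${i}`, topics: [] })),
};
const establishedOrg = {
  user: { login: "established-org-example", type: "Organization",
          created_at: "2015-01-01T00:00:00Z", followers: 900, public_repos: 40 },
  repos: [{ name: "docs", description: "Team handbook" }, { name: "pdf-skill", topics: ["skill"] }],
};

for (const { user, repos } of [newPublisher, establishedOrg]) {
  console.log(scoreMaintainer(user, repos, { now: NOW }));
}
```

Returning the reasons alongside the level lets an auditor see which signal drove a finding instead of trusting a bare number.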

Install

npm install codeql-sdk@1.1.0

Or globally:

npm install -g codeql-sdk@1.1.0

Verification

  • npm run build
  • npm test -- --runInBand
  • npm run lint
  • npm pack

Assets

  • codeql-sdk-1.1.0.tgz — npm package tarball.
  • checksums-sha256.txt — SHA-256 checksum for the tarball.