Re: has anyone scripted doing updates to the CII site?
|
Tony Hansen
David, here are some questions not answered by that page:
toggle quoted messageShow quoted text
* Does the REST API support basic authentication (over TLS)? Or some other HTTPS authentication method? * When using the PATCH verb, what is the JSON input expected to look like? PATCH /projects/:id(.:format) projects#update Thank you Tony On 8/12/20, 9:22 AM, "David A. Wheeler" <dwheeler@linuxfoundation.org> wrote:
On Wed, Aug 12, 2020 at 12:10 AM Tony Hansen <tony@att.com> wrote:
... > So I’d like a tool that could be used to do an identical update across a variety of CII projects. I’d like such a tool to take a list of CII project IDs, a field name and an update to make, such as > Of course, it would need to log in correctly with an ID that has been authorized on each of the projects. > I started writing such a tool, but I keep getting caught up with issues with CSRF. Tony: We developed the API so it *could* be done. But I have never needed to do it, so I don't have code lying around to do it. I'd be delighted to help anyone who starts down that path. I believe it shouldn't be *too* hard, the problem is that it has to be exactly right or it gets (rightly) rejected. The current API documentation may help: https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/api.md ... and if such code is created, we should add it to the API documentation. --- David A. Wheeler Director of Open Source Supply Chain Security, The Linux Foundation
|
|
|