Re: has anyone scripted doing updates to the CII site?


Tony Hansen
 

David, here are some questions not answered by that page:

* Does the REST API support basic authentication (over TLS)? Or some other HTTPS authentication method?

* When using the PATCH verb, what is the JSON input expected to look like?

PATCH /projects/:id(.:format) projects#update

Thank you

Tony

On 8/12/20, 9:22 AM, "David A. Wheeler" <dwheeler@linuxfoundation.org> wrote:

On Wed, Aug 12, 2020 at 12:10 AM Tony Hansen <tony@att.com> wrote:
...
> So I’d like a tool that could be used to do an identical update across a variety of CII projects. I’d like such a tool to take a list of CII project IDs, a field name and an update to make, such as
> Of course, it would need to log in correctly with an ID that has been authorized on each of the projects.
> I started writing such a tool, but I keep getting caught up with issues with CSRF.

Tony: We developed the API so it *could* be done. But I have never
needed to do it, so I don't have code lying around to do it.

I'd be delighted to help anyone who starts down that path. I believe
it shouldn't be *too* hard,
the problem is that it has to be exactly right or it gets (rightly) rejected.

The current API documentation may help:
https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/api.md
... and if such code is created, we should add it to the API documentation.

--- David A. Wheeler
Director of Open Source Supply Chain Security, The Linux Foundation

Join CII-badges@lists.coreinfrastructure.org to automatically receive all group messages.