Show HN: LowEndInsight – a “bus-factor” risk analysis tool https://ift.tt/hY9lUSy
Show HN: LowEndInsight – a “bus-factor” risk analysis tool What began as a pet-project a few years back, an a start to learning functional programming with Elixir, turned into a bit of a research effort for CS students. I'd asked them what info could they glean from a git repository, specifically about the risks associated with using it (or becoming dependent on it). The focus quickly arrived at "bus factor" - what happens when the main developer moves on. From there we started thinking about other metrics and a couple stood out - mainly the distribution of contributions, and the obvious commit currency time. The initial research was focused on library packages from the main ecosystems - e.g., Javascript's NPM and Python's PyPI. We quickly found that to be a massive challenge - at the time neither required packages to provide a valid URL pointing to their source code. This itself was an indicator of something. Once the students moved on I continued to think about and would occasionally get asked about the tool. So I picked it back up and slapped an API on it and exposed it via HTTPS POST and GETs. I am generally looking for feedback. Probably more about the issues associated with dependence on Open Source libraries - the risks derived as software atrophy happens. But what are your ideas about the metainformation that is sitting in a software project's source history. I've considered doing some ML-y stuff with the commit history, but haven't really found the right things there yet. Here are some links to the details: * Library: https://ift.tt/s51KfQl * API: https://ift.tt/OoRcd5i... * API Source: https://ift.tt/WodbJC4 * CLI: https://ift.tt/YDJveR5 * CLI Source: https://ift.tt/eomAYbj * Demo - GitHub Trending Repos: https://ift.tt/j9I6NJO I've capped the number of requests at RapidAPI, but if you really think the tool is useful I can issue you freer, more unlimited access by request. Let me have it HN. And thanks in advance. https://ift.tt/eTa1BdF January 24, 2023 at 08:19PM
Comments
Post a Comment