@mcptoolshop/registry-stats 0.4.1 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +38 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -24,6 +24,7 @@
|
|
|
24
24
|
<a href="#config-file">Config</a> ·
|
|
25
25
|
<a href="#programmatic-api">API</a> ·
|
|
26
26
|
<a href="#rest-api-server">REST Server</a> ·
|
|
27
|
+
<a href="#dashboard">Dashboard</a> ·
|
|
27
28
|
<a href="#license">License</a>
|
|
28
29
|
</p>
|
|
29
30
|
|
|
@@ -240,6 +241,18 @@ registerProvider(cargo);
|
|
|
240
241
|
await stats('cargo', 'serde');
|
|
241
242
|
```
|
|
242
243
|
|
|
244
|
+
## Dashboard
|
|
245
|
+
|
|
246
|
+
A self-updating stats dashboard ships with the library at [`/dashboard/`](https://mcp-tool-shop-org.github.io/registry-stats/dashboard/).
|
|
247
|
+
|
|
248
|
+
- **Executive snapshot** — one-sentence weekly narrative (top registry, top package, top gainer, concentration, data confidence)
|
|
249
|
+
- **Growth Pulse** — top gainers, decliners, and newly active packages (npm 7d vs prior 7d)
|
|
250
|
+
- **Data Health** — per-registry coverage, confidence badges, expandable error details
|
|
251
|
+
- **Breakdown** — per-registry bars and 30-day aggregate sparkline
|
|
252
|
+
- **Leaderboard** — all packages ranked by weekly downloads with per-row 30d sparklines
|
|
253
|
+
|
|
254
|
+
Data is fetched at build time via `npm run fetch-stats` and rebuilt weekly by CI (Mondays 06:00 UTC). Dark and light themes supported.
|
|
255
|
+
|
|
243
256
|
## Website
|
|
244
257
|
|
|
245
258
|
Docs / landing page lives in `site/`.
|
|
@@ -248,6 +261,31 @@ Docs / landing page lives in `site/`.
|
|
|
248
261
|
- Build: `npm run site:build`
|
|
249
262
|
- Preview: `npm run site:preview`
|
|
250
263
|
|
|
264
|
+
## Security & Data Scope
|
|
265
|
+
|
|
266
|
+
| Aspect | Detail |
|
|
267
|
+
|--------|--------|
|
|
268
|
+
| **Data touched** | Public download statistics from npm, PyPI, NuGet, VS Code Marketplace, Docker Hub. In-memory cache (optional) |
|
|
269
|
+
| **Data NOT touched** | No telemetry. No analytics. No credential storage. No user data. No file writes |
|
|
270
|
+
| **Permissions** | Read: public registry APIs via HTTPS. Write: stdout/stderr only |
|
|
271
|
+
| **Network** | HTTPS outbound to public registry APIs. Optional localhost REST server |
|
|
272
|
+
| **Telemetry** | None collected or sent |
|
|
273
|
+
|
|
274
|
+
See [SECURITY.md](SECURITY.md) for vulnerability reporting.
|
|
275
|
+
|
|
276
|
+
## Scorecard
|
|
277
|
+
|
|
278
|
+
| Category | Score |
|
|
279
|
+
|----------|-------|
|
|
280
|
+
| A. Security | 10 |
|
|
281
|
+
| B. Error Handling | 10 |
|
|
282
|
+
| C. Operator Docs | 10 |
|
|
283
|
+
| D. Shipping Hygiene | 10 |
|
|
284
|
+
| E. Identity (soft) | 10 |
|
|
285
|
+
| **Overall** | **50/50** |
|
|
286
|
+
|
|
287
|
+
> Full audit: [SHIP_GATE.md](SHIP_GATE.md) · [SCORECARD.md](SCORECARD.md)
|
|
288
|
+
|
|
251
289
|
## License
|
|
252
290
|
|
|
253
291
|
MIT
|
package/package.json
CHANGED