-
Notifications
You must be signed in to change notification settings - Fork 1
Scope #1
Comments
Nice work! A few quick thoughts from playing around with the REST API:
(I generally prefer REST APIs for situations like this, where there aren't that many related objects, but no strong feelings.) One thing I know folks are going to want - webhooks. |
@greysteil Thanks for your feedback.
I thought about webhooks but I wanted to start without since it can also be achieved with subscriptions and requires no db / auth etc. I would add webhooks to the roadmap for later. |
Default makes sense to me!
Interesting. JSON API might be a bit heavyweight here (there's details of its approach here). I don't have super strong feelings here, just struck me as very GraphQL-y for a REST API. What I would initially expect would be for the resource IDs to be the cursors - so in the case of https://elixir-security-advisory.gigalixirapp.com/v1/packages/UGFja2FnZTplY3Rv/vulnerabilities?first=5 I'd expect VnVsbmVyYWJpbGl0eTpwYWNrYWdlcy9lY3RvLzIwMTctMDgtMjcueW1s to be the cursor, and for the structure to be something like:
Makes sense! Hadn't thought about the need for a DB. |
@greysteil A specific cursor field can transport much more than an id. If we would, for example, introduce sorting, depending on the value, the cursor could store other data. Also if we would use a database cursor like the one from postgres in the future, the cursor identification could also be stored in there. Therefore I'd like to keep the cursor field. I think it makes sense to do some more normalization for the rest API like the I'd like to implement the following based on your inputs:
For
Things I'm not happy with:
If the path changes, the ID changes. We have two options on how to proceed:
|
Sounds great! On IDs, let's go for UUID with advice on how to generate them - I'll update the DB. |
@greysteil Great! Could you also add a check to the CI to prevent duplicate ID's? Otherwise, we could have problems if people copy them from another vulnerability. |
Done! And have added a check for uniqueness and UUID format. |
Great, thanks :) May I steal the logo of the data repo for the organisation of this project? |
Of course! |
This ticket is supposed to be the base for the discussion of the scope of V1. Please write here if you've questions/ideas/improvements.
The text was updated successfully, but these errors were encountered: