Require default values

Comment added plus small refactring
Unused code removed
2020-04-21 21:09:50 +02:00 · 2020-04-21 20:42:13 +02:00 · 2020-04-20 21:35:48 +02:00 · 2020-04-20 21:31:53 +02:00 · 2020-04-20 21:23:42 +02:00 · 2020-04-19 20:03:00 +02:00
1180 changed files with 113425 additions and 10520 deletions
--- a/.buildpacks
+++ b/.buildpacks
@@ -1,2 +0,0 @@
-https://github.com/mojodna/heroku-buildpack-cairo.git
-https://github.com/heroku/heroku-buildpack-nodejs.git
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -0,0 +1,382 @@
+version: 2
+
+main_steps: &main_steps
+  steps:
+    - checkout
+
+    - run:
+        name: Install dependencies
+        command: npm ci
+        environment:
+          # https://docs.cypress.io/guides/getting-started/installing-cypress.html#Skipping-installation
+          # We don't need to install the Cypress binary in jobs that aren't actually running Cypress.
+          CYPRESS_INSTALL_BINARY: 0
+
+    - run:
+        name: Linter
+        when: always
+        command: npm run lint
+
+    - run:
+        name: Core tests
+        when: always
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/core/results.xml
+        command: npm run test:core
+
+    - run:
+        name: Entrypoint tests
+        when: always
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/entrypoint/results.xml
+        command: npm run test:entrypoint
+
+    - store_test_results:
+        path: junit
+
+    - run:
+        name: 'Prettier check (quick fix: `npm run prettier`)'
+        when: always
+        command: npm run prettier:check
+
+integration_steps: &integration_steps
+  steps:
+    - checkout
+
+    - run:
+        name: Install dependencies
+        command: npm ci
+        environment:
+          CYPRESS_INSTALL_BINARY: 0
+
+    - run:
+        name: Integration tests
+        when: always
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/integration/results.xml
+        command: npm run test:integration
+
+    - store_test_results:
+        path: junit
+
+services_steps: &services_steps
+  steps:
+    - checkout
+
+    - run:
+        name: Install dependencies
+        command: npm ci
+        environment:
+          CYPRESS_INSTALL_BINARY: 0
+
+    - run:
+        name: Identify services tagged in the PR title
+        command: npm run test:services:pr:prepare
+
+    - run:
+        name: Run tests for tagged services
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/services/results.xml
+        command: RETRY_COUNT=3 npm run test:services:pr:run
+
+    - store_test_results:
+        path: junit
+
+run_package_tests: &run_package_tests
+  when: always
+  command: |
+    # https://discuss.circleci.com/t/switch-nodejs-version-on-machine-executor-solved/26675/3
+    set +e
+    export NVM_DIR="/opt/circleci/.nvm"
+    [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+    nvm install $NODE_VERSION
+    nvm use $NODE_VERSION
+    node --version
+    npm run test:package
+
+package_steps: &package_steps
+  steps:
+    - checkout
+
+    - run:
+        name: Install dependencies
+        command: |
+          set +e
+          export NVM_DIR="/opt/circleci/.nvm"
+          [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+          nvm install v12
+          nvm use v12
+          npm install -g npm
+          npm ci
+        environment:
+          CYPRESS_INSTALL_BINARY: 0
+
+    # Run the package tests on each currently supported node version. See:
+    # https://github.com/badges/shields/blob/master/gh-badges/README.md#node-version-support
+
+    - run:
+        <<: *run_package_tests
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/gh-badges/v8/results.xml
+          NODE_VERSION: v8
+        name: Run package tests on Node 8
+
+    - run:
+        <<: *run_package_tests
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/gh-badges/v10/results.xml
+          NODE_VERSION: v10
+        name: Run package tests on Node 10
+
+    - run:
+        <<: *run_package_tests
+        environment:
+          mocha_reporter: mocha-junit-reporter
+          MOCHA_FILE: junit/gh-badges/v12/results.xml
+          NODE_VERSION: v12
+        name: Run package tests on Node 12
+
+    - store_test_results:
+        path: junit
+
+jobs:
+  npm-install:
+    docker:
+      - image: circleci/node:8
+    steps:
+      - checkout
+
+      - run:
+          name: Install dependencies
+          command: npm ci
+          environment:
+            CYPRESS_INSTALL_BINARY: 0
+
+  main:
+    docker:
+      - image: circleci/node:8
+
+    <<: *main_steps
+
+  main@node-latest:
+    docker:
+      - image: circleci/node:latest
+
+    <<: *main_steps
+
+  integration:
+    docker:
+      - image: circleci/node:8
+      - image: redis
+
+    <<: *integration_steps
+
+  integration@node-latest:
+    docker:
+      - image: circleci/node:latest
+      - image: redis
+
+    <<: *integration_steps
+
+  danger:
+    docker:
+      - image: circleci/node:8
+    steps:
+      - checkout
+
+      - run:
+          name: Install dependencies
+          command: npm ci
+          environment:
+            CYPRESS_INSTALL_BINARY: 0
+
+      - run:
+          name: Danger
+          when: always
+          environment:
+            # https://github.com/gatsbyjs/gatsby/pull/11555
+            NODE_ENV: test
+          command: npm run danger ci
+
+  frontend:
+    docker:
+      - image: circleci/node:8
+    steps:
+      - checkout
+
+      - run:
+          name: Install dependencies
+          command: npm ci
+          environment:
+            CYPRESS_INSTALL_BINARY: 0
+
+      - run:
+          name: Prepare frontend tests
+          command: npm run defs && npm run features
+
+      - run:
+          name: Check types
+          command: npm run check-types:frontend
+
+      - run:
+          name: Frontend unit tests
+          environment:
+            mocha_reporter: mocha-junit-reporter
+            MOCHA_FILE: junit/frontend/results.xml
+          when: always
+          command: npm run test:frontend
+
+      - store_test_results:
+          path: junit
+
+      - run:
+          name: Frontend build completes successfully
+          when: always
+          command: npm run build
+
+  package:
+    machine: true
+
+    <<: *package_steps
+
+  services:
+    docker:
+      - image: circleci/node:8
+
+    <<: *services_steps
+
+  services@node-latest:
+    docker:
+      - image: circleci/node:latest
+
+    <<: *services_steps
+
+  e2e:
+    docker:
+      - image: cypress/base:8
+    steps:
+      - checkout
+
+      - restore_cache:
+          name: Restore Cypress binary
+          keys:
+            - v2-cypress-dependencies-{{ checksum "package-lock.json" }}
+
+      - run:
+          name: Install dependencies
+          command: npm ci
+
+      - run:
+          name: Frontend build
+          command: GATSBY_BASE_URL=http://localhost:8080 npm run build
+
+      - run:
+          name: Run tests
+          environment:
+            CYPRESS_REPORTER: junit
+            MOCHA_FILE: junit/e2e/results.xml
+          command: npm run e2e-on-build
+
+      - store_test_results:
+          path: junit
+
+      - store_artifacts:
+          path: cypress/videos
+
+      - store_artifacts:
+          path: cypress/screenshots
+
+      - save_cache:
+          name: Cache Cypress binary
+          paths:
+            # https://docs.cypress.io/guides/getting-started/installing-cypress.html#Binary-cache
+            - ~/.cache/Cypress
+          key: v2-cypress-dependencies-{{ checksum "package-lock.json" }}
+
+workflows:
+  version: 2
+
+  on-commit:
+    jobs:
+      - main:
+          filters:
+            branches:
+              ignore: gh-pages
+      - main@node-latest:
+          filters:
+            branches:
+              ignore: gh-pages
+      - integration@node-latest:
+          filters:
+            branches:
+              ignore: gh-pages
+      - frontend:
+          filters:
+            branches:
+              ignore: gh-pages
+      - package:
+          filters:
+            branches:
+              ignore: gh-pages
+      - services:
+          filters:
+            branches:
+              ignore:
+                - master
+                - gh-pages
+      - services@node-latest:
+          filters:
+            branches:
+              ignore:
+                - master
+                - gh-pages
+      - danger:
+          filters:
+            branches:
+              ignore:
+                - master
+                - gh-pages
+                - /dependabot\/.*/
+      - e2e:
+          filters:
+            branches:
+              ignore: gh-pages
+  # on-commit-with-cache:
+  #   jobs:
+  #     - npm-install:
+  #         filters:
+  #           branches:
+  #             ignore: gh-pages
+  #     - main:
+  #         requires:
+  #           - npm-install
+  #     - main@node-latest:
+  #         requires:
+  #           - npm-install
+  #     - frontend:
+  #         requires:
+  #           - npm-install
+  #     - services:
+  #         requires:
+  #           - npm-install
+  #         filters:
+  #           branches:
+  #             ignore: master
+  #     - services@node-latest:
+  #         requires:
+  #           - npm-install
+  #         filters:
+  #           branches:
+  #             ignore: master
+  #     - danger:
+  #         requires:
+  #           - npm-install
+  #         filters:
+  #           branches:
+  #             ignore: /dependabot\/.*/
--- a/.dependabot/config.yml
+++ b/.dependabot/config.yml
@@ -0,0 +1,109 @@
+version: 1
+update_configs:
+  # shields.io dependencies
+  - package_manager: 'javascript'
+    directory: '/'
+    update_schedule: 'weekly'
+    automerged_updates:
+      - match:
+          dependency_name: 'chai*'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'cypress'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'eslint*'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'enzyme*'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'mocha*'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'sazerac'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'sinon*'
+          update_type: 'semver:minor'
+      - match:
+          dependency_name: 'snap-shot-it'
+          update_type: 'semver:minor'
+    ignored_updates:
+      - match:
+          dependency_name: babel-preset-gatsby
+          version_requirement: '>=0.3.0'
+      - match:
+          dependency_name: camelcase
+          version_requirement: '>=6.0.0'
+      - match:
+          dependency_name: chalk
+          version_requirement: '>=4.0.0'
+      - match:
+          dependency_name: cross-env
+          version_requirement: '>=7.0.0'
+      - match:
+          dependency_name: decamelize
+          version_requirement: '>=4.0.0'
+      - match:
+          dependency_name: escape-string-regexp
+          version_requirement: '>=3.0.0'
+      - match:
+          dependency_name: eslint-plugin-jsdoc
+          version_requirement: '>=21.0.0'
+      - match:
+          dependency_name: gatsby
+          version_requirement: '>=2.19.50'
+      - match:
+          dependency_name: gatsby-plugin-catch-links
+          version_requirement: '>=2.2.0'
+      - match:
+          dependency_name: gatsby-plugin-page-creator
+          version_requirement: '>=2.2.0'
+      - match:
+          dependency_name: gatsby-plugin-react-helmet
+          version_requirement: '>=3.2.0'
+      - match:
+          dependency_name: gatsby-plugin-remove-trailing-slashes
+          version_requirement: '>=2.2.0'
+      - match:
+          dependency_name: gatsby-plugin-styled-components
+          version_requirement: '>=3.2.0'
+      - match:
+          dependency_name: gatsby-plugin-typescript
+          version_requirement: '>=2.3.0'
+      - match:
+          dependency_name: got
+          version_requirement: '>=10.0.0'
+      - match:
+          dependency_name: '@hapi/joi'
+          version_requirement: '>=17.0.0'
+      - match:
+          dependency_name: husky
+          version_requirement: '>=4.0.0'
+      - match:
+          dependency_name: lint-staged
+          version_requirement: '>=10.0.0'
+      - match:
+          dependency_name: nock
+          version_requirement: '>=12.0.0'
+      - match:
+          dependency_name: prom-client
+          version_requirement: '>=12.0.0'
+      - match:
+          dependency_name: react-error-overlay
+          version_requirement: '>=3.0.0'
+      - match:
+          dependency_name: sinon
+          version_requirement: '>=9.0.0'
+      - match:
+          dependency_name: start-server-and-test
+          version_requirement: '>=1.10.8'
+      - match:
+          dependency_name: xmldom
+          version_requirement: '>=0.3.0'
+
+  # gh-badges package dependencies
+  - package_manager: 'javascript'
+    directory: '/gh-badges'
+    update_schedule: 'weekly'
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,8 @@
+node_modules/
+shields.env
+.git/
+.gitignore
+.vscode/
+
+# Improve layer cacheability.
+Dockerfile
--- a/.eslintignore
+++ b/.eslintignore
@@ -0,0 +1,6 @@
+/api-docs/
+/build
+/coverage
+/__snapshots__
+/public
+gh-badges/node_modules/
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -0,0 +1,177 @@
+extends:
+  - standard
+  - standard-react
+  - plugin:@typescript-eslint/recommended
+  - prettier
+  - prettier/@typescript-eslint
+  - prettier/standard
+  - prettier/react
+  - eslint:recommended
+
+parserOptions:
+  # Override eslint-config-standard, which incorrectly sets this to "module",
+  # though that setting is only for ES6 modules, not CommonJS modules.
+  sourceType: 'script'
+
+settings:
+  react:
+    version: '16.8'
+
+plugins:
+  - chai-friendly
+  - jsdoc
+  - mocha
+  - no-extension-in-require
+  - sort-class-members
+  - import
+  - react-hooks
+  - promise
+
+overrides:
+  # For simplicity's sake, when possible prefer to add rules to the top-level
+  # list of rules, even if they only apply to certain files. That way the
+  # rules listed here are only ones which conflict.
+
+  - files:
+      - '**/*.js'
+      - '!frontend/**/*.js'
+    env:
+      node: true
+      es6: true
+    rules:
+      no-console: 'off'
+
+  - files:
+      - '**/*.@(ts|tsx)'
+    parserOptions:
+      sourceType: 'module'
+    parser: '@typescript-eslint/parser'
+    rules:
+      # Argh.
+      '@typescript-eslint/explicit-function-return-type':
+        ['error', { 'allowExpressions': true }]
+      '@typescript-eslint/no-empty-function': 'error'
+      '@typescript-eslint/no-var-requires': 'error'
+      '@typescript-eslint/no-object-literal-type-assertion': 'off'
+      '@typescript-eslint/no-explicit-any': 'error'
+      '@typescript-eslint/ban-ts-ignore': 'off'
+
+  - files:
+      - core/**/*.ts
+    parserOptions:
+      sourceType: 'module'
+    parser: '@typescript-eslint/parser'
+  - files:
+      - gatsby-browser.js
+      - 'frontend/**/*.@(js|ts|tsx)'
+    parserOptions:
+      sourceType: 'module'
+    env:
+      browser: true
+    rules:
+      import/extensions:
+        ['error', 'never', { 'json': 'always', 'yml': 'always' }]
+
+  - files:
+      - 'core/base-service/**/*.js'
+      - 'services/**/*.js'
+    rules:
+      sort-class-members/sort-class-members:
+        [
+          'error',
+          {
+            order:
+              [
+                'name',
+                'category',
+                'isDeprecated',
+                'route',
+                'auth',
+                'examples',
+                '_cacheLength',
+                'defaultBadgeData',
+                'render',
+                'constructor',
+                'fetch',
+                'transform',
+                'handle',
+              ],
+          },
+        ]
+
+  - files:
+      - '**/*.spec.@(js|ts|tsx)'
+      - '**/*.integration.js'
+      - '**/test-helpers.js'
+      - 'core/service-test-runner/**/*.js'
+    env:
+      mocha: true
+    rules:
+      mocha/no-exclusive-tests: 'error'
+      mocha/no-mocha-arrows: 'error'
+      mocha/prefer-arrow-callback: 'error'
+
+rules:
+  # Disable some rules from eslint:recommended.
+  no-empty: ['error', { 'allowEmptyCatch': true }]
+
+  # Allow unused parameters. In callbacks, removing them seems to obscure
+  # what the functions are doing.
+  '@typescript-eslint/no-unused-vars': ['error', { 'args': 'none' }]
+  no-unused-vars: 'off'
+
+  '@typescript-eslint/no-var-requires': 'off'
+
+  # These should be disabled by eslint-config-prettier, but are not.
+  no-extra-semi: 'off'
+
+  # Shields additions.
+  no-var: 'error'
+  prefer-const: 'error'
+  strict: 'error'
+  arrow-body-style: ['error', 'as-needed']
+  no-extension-in-require/main: 'error'
+  object-shorthand: ['error', 'properties']
+  prefer-template: 'error'
+  promise/prefer-await-to-then: 'error'
+  func-style: ['error', 'declaration', { 'allowArrowFunctions': true }]
+  new-cap: ['error', { 'capIsNew': true }]
+  import/order: ['error', { 'newlines-between': 'never' }]
+
+  # Chai friendly.
+  no-unused-expressions: 'off'
+  chai-friendly/no-unused-expressions: 'error'
+
+  # jsdoc plugin:
+  # don't require every class/function to have a docblock
+  jsdoc/require-jsdoc: 'off'
+
+  # allow Joi as an undefined type
+  jsdoc/no-undefined-types: ['error', { definedTypes: ['Joi'] }]
+
+  # all the other reccomended rules as errors (not warnings)
+  jsdoc/check-alignment: 'error'
+  jsdoc/check-param-names: 'error'
+  jsdoc/check-tag-names: 'error'
+  jsdoc/check-types: 'error'
+  jsdoc/implements-on-classes: 'error'
+  jsdoc/newline-after-description: 'error'
+  jsdoc/require-param: 'error'
+  jsdoc/require-param-description: 'error'
+  jsdoc/require-param-name: 'error'
+  jsdoc/require-param-type: 'error'
+  jsdoc/require-returns: 'error'
+  jsdoc/require-returns-check: 'error'
+  jsdoc/require-returns-description: 'error'
+  jsdoc/require-returns-type: 'error'
+  jsdoc/valid-types: 'error'
+
+  # Disable some from TypeScript.
+  '@typescript-eslint/camelcase': off
+  '@typescript-eslint/explicit-function-return-type': 'off'
+  '@typescript-eslint/no-empty-function': 'off'
+
+  react/jsx-sort-props: 'error'
+  react-hooks/rules-of-hooks: 'error'
+  react-hooks/exhaustive-deps: 'error'
+  jsx-quotes: ['error', 'prefer-double']
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1 @@
+open_collective: shields
--- a/.github/ISSUE_TEMPLATE/1_Bug_report.md
+++ b/.github/ISSUE_TEMPLATE/1_Bug_report.md
@@ -0,0 +1,29 @@
+---
+name: 🐛 Bug Report
+about: Report errors and problems
+labels: 'question'
+---
+
+Are you experiencing an issue with...
+
+- [ ] [shields.io](https://shields.io/#/)
+- [ ] My own instance
+- [ ] [gh-badges NPM package](https://www.npmjs.com/package/gh-badges)
+
+:beetle: **Description**
+
+<!-- A clear and concise description of the problem. -->
+
+:link: **Link to the badge**
+
+<!--
+If you are reporting a problem with a specific badge on shields.io,
+provide a link to a badge demonstrating the error
+-->
+
+:bulb: **Possible Solution**
+
+<!--- Optional: only if you have suggestions on a fix/reason for the bug -->
+
+<!-- Love Shields? Please consider donating $10 to sustain our activities:
+👉  https://opencollective.com/shields -->
--- a/.github/ISSUE_TEMPLATE/2_Failing_service_test.md
+++ b/.github/ISSUE_TEMPLATE/2_Failing_service_test.md
@@ -0,0 +1,36 @@
+---
+name: 💚 Failing service test
+about: Note failing service tests
+labels: 'keep-service-tests-green'
+---
+
+:clock11: **When did the problem start?**
+
+<!-- Indicate when the problem started -->
+
+:camera: **Live badge**
+
+<!-- Provide a link to the live badge in plain text and markdown.  -->
+
+![]( url goes here )
+
+:wrench: **Is the live badge working?**
+
+<!-- Indicate whether or not the live badge is working. -->
+
+:link: **CircleCI link**
+
+<!-- Provide a link to the failing test in CircleCI. -->
+
+:beetle: **Stack trace**
+
+```
+<!-- Provide the complete stack trace from the CircleCI test summary. -->
+```
+
+:bulb: **Possible solution**
+
+<!--- Optional: only if you have suggestions on a fix/reason for the bug -->
+
+<!-- Love Shields? Please consider donating $10 to sustain our activities:
+👉  https://opencollective.com/shields -->
--- a/.github/ISSUE_TEMPLATE/3_Badge_request.md
+++ b/.github/ISSUE_TEMPLATE/3_Badge_request.md
@@ -0,0 +1,37 @@
+---
+name: 💡 Badge Request
+about: Ideas for new badges
+labels: 'service-badge'
+---
+
+:clipboard: **Description**
+
+<!--
+A clear and concise description of the new badge.
+
+- Which service is this badge for e.g: GitHub, Travis CI
+- What sort of information should this badge show?
+  Provide an example in plain text e.g: "version | v1.01" or as a static badge
+  (static badge generator can be found at https://shields.io)
+-->
+
+:link: **Data**
+
+<!--
+Where can we get the data from?
+
+- Is there a public API?
+- Does the API requires an API key?
+- Link to the API documentation.
+-->
+
+:microphone: **Motivation**
+
+<!--
+Please explain why this feature should be implemented and how it would be used.
+
+- What is the specific use case?
+-->
+
+<!-- Love Shields? Please consider donating $10 to sustain our activities:
+👉  https://opencollective.com/shields -->
--- a/.github/ISSUE_TEMPLATE/4_Feature_request.md
+++ b/.github/ISSUE_TEMPLATE/4_Feature_request.md
@@ -0,0 +1,11 @@
+---
+name: 💡 Feature Request
+about: Ideas for other new features or improvements
+---
+
+:clipboard: **Description**
+
+<!-- A clear and concise description of the new feature. -->
+
+<!-- Love Shields? Please consider donating $10 to sustain our activities:
+👉  https://opencollective.com/shields -->
--- a/.github/ISSUE_TEMPLATE/5_Support_question.md
+++ b/.github/ISSUE_TEMPLATE/5_Support_question.md
@@ -0,0 +1,17 @@
+---
+name: ❓ Support Question
+about: Ask a question about shields.io
+labels: 'question'
+---
+
+:question: **Question**
+
+<!--
+Ask your question clearly and concisely.
+
+#support on our [Discord](https://discordapp.com/invite/HjJCwm5)
+is also a great place to ask questions and get help
+-->
+
+<!-- Love Shields? Please consider donating $10 to sustain our activities:
+👉  https://opencollective.com/shields -->
--- a/.github/probot.js
+++ b/.github/probot.js
@@ -0,0 +1,10 @@
+on('pull_request.closed')
+  .filter(context => context.payload.pull_request.merged)
+  .filter(
+    context =>
+      context.payload.pull_request.head.ref.slice(0, 11) !== 'dependabot/'
+  )
+  .filter(context => context.payload.pull_request.base.ref === 'master')
+  .comment(`This pull request was merged to [{{ pull_request.base.ref }}]({{ repository.html_url }}/tree/{{ pull_request.base.ref }}) branch. This change is now waiting for deployment, which will usually happen within a few days. Stay tuned by joining our \`#ops\` channel on [Discord](https://discordapp.com/invite/HjJCwm5)!
+  
+After deployment, changes are copied to [gh-pages]({{ repository.html_url }}/tree/gh-pages) branch: ![](https://img.shields.io/github/commit-status/{{ repository.full_name }}/gh-pages/{{ pull_request.merge_commit_sha }}.svg?label=deploy%20status)`)
--- a/.github/workflows/auto-approve.yml
+++ b/.github/workflows/auto-approve.yml
@@ -0,0 +1,10 @@
+name: Auto approve
+on: pull_request
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: chris48s/approve-bot@1.0.0
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.gitignore
+++ b/.gitignore
@@ -4,11 +4,10 @@
 /coverage.html
 /redis
 /ServerScript
-/secret.json
-/.github-user-tokens.json
-
-# Installed npm modules
-node_modules
+/private
+/index.html
+/shields.env
+gh-badges/package-lock.json

 # Folder view configuration files
 .DS_Store
@@ -18,6 +17,102 @@ Desktop.ini
 ._*
 Thumbs.db

+# Visual Studio Code User Settings
+.vscode/settings.json
+
+# eclipse
+.project
+.settings
+
 # Files that might appear on external disks
 .Spotlight-V100
 .Trashes
+
+# Jetbrains
+/.idea
+
+# Created by https://www.gitignore.io/api/node
+
+### Node ###
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Typescript v1 declaration files
+typings/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+
+# Temporary build artifacts.
+/build
+.next
+badge-examples.json
+supported-features.json
+service-definitions.yml
+
+# Local runtime configuration.
+/config/local*.yml
+
+# Template for the local runtime configuration.
+!/config/local*.template.yml
+
+# Gatsby
+/.cache
+/public
+
+# Cypress
+/cypress/videos/
+/cypress/screenshots/
+
+# Rendered API docs
+/api-docs/
+
+# Flamebearer
+flamegraph.html
--- a/.gitpod.yml
+++ b/.gitpod.yml
@@ -0,0 +1,27 @@
+ports:
+  - port: 8080
+    onOpen: open-preview
+tasks:
+  - init: npm ci && npm run build
+    command: node server 8080 0.0.0.0
+github:
+  prebuilds:
+    # enable for the master/default branch (defaults to true)
+    master: true
+    # enable for all branches in this repo (defaults to false)
+    branches: false
+    # enable for pull requests coming from this repo (defaults to true)
+    pullRequests: true
+    # enable for pull requests coming from forks (defaults to false)
+    pullRequestsFromForks: true
+    # add a check to pull requests (defaults to true)
+    addCheck: true
+    # add a "Review in Gitpod" button as a comment to pull requests (defaults to false)
+    addComment: false
+    # add a "Review in Gitpod" button to the pull request's description (defaults to false)
+    addBadge: false
+    # add a label once the prebuild is ready to pull requests (defaults to false)
+    addLabel: false
+vscode:
+  extensions:
+    - esbenp.prettier-vscode@1.7.0:EbyqFvwe32qQBptkOgfQpQ==
--- a/.mocharc-frontend.yml
+++ b/.mocharc-frontend.yml
@@ -0,0 +1,6 @@
+reporter: mocha-env-reporter
+require:
+  - '@babel/polyfill'
+  - '@babel/register'
+  - mocha-yaml-loader
+  - frontend/mocha-ignore-pngs
--- a/.mocharc.yml
+++ b/.mocharc.yml
@@ -0,0 +1 @@
+reporter: mocha-env-reporter
--- a/.nowignore
+++ b/.nowignore
@@ -0,0 +1,30 @@
+*
+!frontend/
+!gh-badges/
+!lib/
+!core/
+!logo/
+!pages/
+!public/
+!templates/
+!services/
+!package-lock.json
+!/*.js
+!scripts/export-*.js
+!config/
+config/local*.yml
+*.spec.js
+*~
+.env
+.circleci
+.github
+.vscode
+__snapshots__
+.buildpacks
+.eslint*
+.editorconfig
+.nycrc*
+.gitpod*
+.prettier*
+CONTRIBUTING.md
+Dockerfile
--- a/.nycrc-frontend.json
+++ b/.nycrc-frontend.json
@@ -0,0 +1,10 @@
+{
+  "reporter": ["lcov"],
+  "all": false,
+  "silent": true,
+  "clean": false,
+  "sourceMap": false,
+  "instrument": false,
+  "include": ["frontend/**/*.js"],
+  "exclude": ["**/*.spec.js", "**/mocha-*.js"]
+}
--- a/.nycrc.json
+++ b/.nycrc.json
@@ -0,0 +1,26 @@
+{
+  "reporter": ["lcov"],
+  "all": true,
+  "silent": true,
+  "clean": false,
+  "exclude": [
+    "**/*.spec.js",
+    "**/*.integration.js",
+    "**/test-helpers.js",
+    "**/*-test-helpers.js",
+    "**/*-fixtures.js",
+    "**/mocha-*.js",
+    "dangerfile.js",
+    "gatsby-*.js",
+    "core/service-test-runner",
+    "core/got-test-client.js",
+    "services/**/*.tester.js",
+    "services/test-validators.js",
+    "services/tester.js",
+    "core/base-service/loader-test-fixtures",
+    "scripts",
+    "coverage",
+    "build",
+    ".github"
+  ]
+}
--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1,15 @@
+package.json
+package-lock.json
+/__snapshots__
+/.next
+/.cache
+/api-docs
+/build
+/public
+/coverage
+private/*.json
+/.nyc_output
+analytics.json
+gh-badges/templates/default-template.json
+supported-features.json
+service-definitions.yml
--- a/.prettierrc.yml
+++ b/.prettierrc.yml
@@ -0,0 +1,5 @@
+semi: false
+singleQuote: true
+trailingComma: es5
+bracketSpacing: true
+endOfLine: lf
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,18 +0,0 @@
-before_install:
-  - sudo apt-get update -myqq
-  - sudo apt-get install libcairo2-dev libjpeg8-dev libpango1.0-dev libgif-dev build-essential g++
-language: node_js
-node_js:
-  - 6
-
-branches:
-  only:
-    - master
-
-notifications:
-  email:
-    - thaddee.tyl@gmail.com
-  irc: "irc.freenode.org#shields"
-
-git:
-  depth: 10
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,7 @@
+{
+  "recommendations": [
+    "esbenp.prettier-vscode",
+    "EditorConfig.EditorConfig",
+    "dbaeumer.vscode-eslint"
+  ]
+}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -0,0 +1,13 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "type": "node",
+      "request": "attach",
+      "name": "Node: Nodemon",
+      "processId": "${command:PickProcess}",
+      "restart": true,
+      "protocol": "inspector"
+    }
+  ]
+}
--- a/1
+++ b/1
@@ -1 +0,0 @@
-shields.io
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,65 +1,146 @@
-# Contribution Guidelines
+# Contributing to Shields

-This is the home of Shields.io, home to the badge design specification, API documentation, and server code for Badges as a Service.
+Shields is a community project. We invite your participation through
+financial contributions, issues, and pull requests!

-We invite participation through [GitHub Issues][], which we use much like a discussion forum. This repository should only contain non-implementation specific topics: specifications, design, and the web site.
+## Ways you can help

-## This implementation
+### Financial contributions

-Please see [INSTALL.md][] for information on how to start contributing code to
-shields.io.
+We welcome financial contributions in full transparency on our
+[open collective](https://opencollective.com/shields). Anyone can file an
+expense. If the expense makes sense for the development of the community, it
+will be "merged" into the ledger of our open collective by the core
+contributors and the person who filed the expense will be reimbursed.

-[INSTALL.md]: ./INSTALL.md
+### Contributing code

-Note that the root gets redirected to <http://shields.io>.
-For testing purposes, you can go to `http://localhost/try.html`.
-You should modify that file. The "real" root, `http://localhost/index.html`,
-gets generated from the `try.html` file with a `make website`.
+This project has quite a backlog of suggestions! If you're new to the project,
+maybe you'd like to open a pull request to address one of them:

-## Ground rules
+[![GitHub issues by-label](https://img.shields.io/github/issues/badges/shields/good%20first%20issue.svg)](https://github.com/badges/shields/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22)

- The left-hand side of a badge should not advertize. It should be a noun
-  describing succinctly the meaning of the right-hand-side data.
- New query parameters (such as `?label=` or `?style=`) should apply to any
-  requested badge. They must be registered in the cache (see `LruCache` in
-  `server.js`).
- The format of new badges should be of the form
-  `/VENDOR/SUBVENDOR-BADGE-SPECIFIC/PARAMETERS.format`. For instance,
-  `https://img.shields.io/gitter/room/nwjs/nw.js.svg`. The vendor is gitter, the
-  badge is for rooms, the parameter is nwjs/nw.js, and the format is svg.
+### Contributing documentation

-## Implementations
+You can help by improving the project's usage and developer instructions.

-The main implementation, available at <http://shields.io>, has its code located in this repository.
+Tutorials are in [/doc](https://github.com/badges/shields/tree/master/doc):

-Other systems that produce badges following the same design, hosted elsewhere, are listed below.
+- When you read the documentation, you can fix mistakes and add your own thoughts.
+- When your pull request follows the documentation but the practice changed,
+  consider pointing this out and change the documentation for the next person.

-| website / AP                      | language   | issues                       |
-| --------------------------------- | ---------- | ---------------------------- |
-| shielded                          | JavaScript | [shielded][shielded issues]  |
-| [buckler.repl.ca][]               | Go         | [buckler][buckler issues]    |
-| old img.shields.io (discontinued) | Python     | [img.shields.io-old][]       |
-| DotBadge                          | C#         | [DotBadge](https://github.com/rebornix/DotBadge/issues) |
+API documentation is at [contributing.shields.io](https://contributing.shields.io/):

-Please report **bugs** and discuss implementation specific concerns (performance characteristics, etc.) in the repository for the respective implementation.
+- This documentation is generated by annotating the code with
+  [JSDoc](https://jsdoc.app/about-getting-started.html) comments.
+  [Example](https://github.com/badges/shields/blob/b3be4d94d5ef570b8daccfd088c343a958988843/core/base-service/base-json.js#L26-L41)
+- Adding a JSDoc comment to some existing code is a great first contribution
+  and a good way to familiarize yourself with the codebase

-## Adding support for a service
+### Helping others

-Please [open an issue][new issue] if you'd like to use Shields badges for a project that isn't yet supported.
+You can help with code review, which reduces bugs, and over time has a
+wonderful side effect of making the code more readable and therefore more
+approachable. It's also a great way to teach and learn. Feel free to jump in!
+Be welcoming, appreciative, and helpful. You can perform first reviews of
+simple changes, like badge additions. These are usually tagged with
+[service badge][service badge pr tag].

+Please review [these impeccable guidelines][code review guidelines].

-[shields.io]: http://shields.io/
-[website]: https://github.com/badges/shields/tree/gh-pages
-[GitHub Issues]: https://github.com/badges/shields/issues
-[new issue]: https://github.com/badges/shields/issues/new
+You can monitor [issues][] and the [chat room][], and help other people who
+have questions about contributing to Shields, or using it for their projects.

-[img.shields.io]: http://img.shields.io/
-[gh-badges issues]: https://github.com/badges/shields/issues
-[primary]: https://github.com/badges/shields/issues/94
+Feel free to reach out to one of the [maintainers][]
+if you need help getting started.

-[shielded issues]: https://github.com/badges/shielded/issues
+[service badge pr tag]: https://github.com/badges/shields/pulls?q=is%3Apr+is%3Aopen+label%3Aservice-badge
+[code review guidelines]: https://kickstarter.engineering/a-guide-to-mindful-communication-in-code-reviews-48aab5282e5e
+[issues]: https://github.com/badges/shields/issues
+[chat room]: https://discordapp.com/invite/HjJCwm5
+[maintainers]: https://github.com/badges/shields#project-leaders

-[buckler.repl.ca]: http://buckler.repl.ca/
-[buckler issues]: https://github.com/badges/buckler/issues
+### Suggesting improvements

-[img.shields.io-old]: https://github.com/badges/img.shields.io-old/issues
+There are _a lot_ of suggestions on file. You can help by weighing in on these
+suggestions, which helps convey community need to other contributors who might
+pick them up.
+
+There is no need to post a new comment. Just add a :thumbsup: or :heart: to
+the top post.
+
+If you have a suggestion of your own, [search the open issues][issues]. If you
+don't see it, feel free to [open a new issue][open an issue].
+
+[open an issue]: https://github.com/badges/shields/issues/new/choose
+
+### Spreading the word
+
+Feel free to star the repository. This will help increase the visibility of the project, therefore attracting more users and contributors to Shields!
+
+We're also asking for [one-time \$10 donations](https://opencollective.com/shields) from developers who use and love Shields, please spread the word!
+
+## Getting help
+
+There are three places to get help:
+
+1. If you're new to the project, a good place to start is the [tutorial][].
+2. If you need help getting started or implementing a change, [open an issue][]
+   with your question. We promise it's okay to do that. If there is already an
+   issue open for the feature you're working on, you can post there.
+3. You can also join the [chat room][] and ask your question there.
+
+[tutorial]: doc/TUTORIAL.md
+
+## Badge guidelines
+
+- Shields.io hosts integrations for services which are primarily
+  used by developers or which are widely used by developers
+- The left-hand side of a badge should not advertise. It should be a lowercase _noun_
+  succinctly describing the meaning of the right-hand side.
+- Except for badges using the `social` style, logos should be _turned off by
+  default_.
+
+## Badge URLs
+
+- The format of new badges should be of the form `/SERVICE/NOUN/PARAMETERS`.
+- There is further documentation on this in [badge-urls](https://github.com/badges/shields/blob/master/doc/badge-urls.md)
+
+## Coding guidelines
+
+### Prettier
+
+This project formats its source code using Prettier. The most enjoyable way to
+use Prettier is to let it format code for you when you save. You can [integrate
+it into your editor][integrate prettier].
+
+Whether you integrate it into your editor or not, a pre-commit hook will run
+Prettier before a commit by default.
+
+[integrate prettier]: https://prettier.io/docs/en/editors.html
+
+### Tests
+
+When adding or changing a service [please write tests][service-tests].
+
+When opening a pull request, include your service name in brackets in the pull
+request title. That way, those service tests will run in CI.
+
+e.g. **[Travis] Fix timeout issues**
+
+When changing other code, please add unit tests.
+
+To run the integration tests, you must have redis installed and in your PATH.
+Use `brew install redis`, `yum install redis`, etc. The test runner will
+start the server automatically.
+
+[service-tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md
+
+### Code organization
+
+There is a [High-level code walkthrough](doc/code-walkthrough.md) describing the layout of the project.
+
+### Logos
+
+We have [documentation for logo usage](doc/logos.md) which includes [contribution guidance](doc/logos.md#contributing-logos)
--- a/25
+++ b/25
@@ -1,3 +1,24 @@
-FROM node:0.12-onbuild
-ENV INFOSITE http://shields.io
+FROM node:8-alpine
+
+RUN mkdir -p /usr/src/app
+RUN mkdir /usr/src/app/private
+WORKDIR /usr/src/app
+
+COPY package.json package-lock.json /usr/src/app/
+# Without the gh-badges package.json and CLI script in place, `npm ci` will fail.
+COPY gh-badges /usr/src/app/gh-badges/
+
+# We need dev deps to build the front end. We don't need Cypress, though.
+RUN NODE_ENV=development CYPRESS_INSTALL_BINARY=0 npm ci
+
+COPY . /usr/src/app
+RUN npm run build
+RUN npm prune --production
+RUN npm cache clean --force
+
+# Run the server using production configs.
+ENV NODE_ENV production
+
+CMD node server
+
 EXPOSE 80
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,170 +0,0 @@
-# GitHub badges in SVG format
-
-[![npm version](http://img.shields.io/npm/v/gh-badges.svg)](https://npmjs.org/package/gh-badges)
-
-![coverage](https://rawgithub.com/badges/shields/master/coverage.svg)
-
-[![build status](http://img.shields.io/travis/badges/gh-badges.svg)](https://travis-ci.org/badges/gh-badges)
-
-Make your own badges [here][badges]! (Quick guide: `https://img.shields.io/badge/left-right-f39f37.svg`.)
-
-[badges]: <http://shields.io/#your-badge>
-
-# Install the API
-
-```bash
-npm install gh-badges
-```
-
-```js
-var badge = require('gh-badges');
-// Optional step, to have accurate text width computation.
-badge.loadFont('/path/to/Verdana.ttf', function(err) {
-  badge({ text: ["build", "passed"], colorscheme: "green", template: "flat" },
-    function(svg, err) {
-      // svg is a String of your badge.
-    });
-});
-```
-
-# Use the CLI
-
-```bash
-npm install -g gh-badges
-badge build passed :green .png > mybadge.png
-# Stored a PNG version of your badge on disk.
-```
-
-# Start the Server
-To run the server you will need the following executables on your Path:
- [PhantomJS](http://www.phantomjs.org/)
-
-On an OS X machine, [Homebrew](brew.sh) is a good package manager that will
-allow you to install that.
-
-On Ubuntu / Debian: `sudo apt-get install phantomjs`.
-
-```bash
-git clone https://github.com/badges/shields.git
-cd shields
-npm install  # You may need sudo for this.
-sudo node server
-```
-
-The server uses port 80 by default, which requires `sudo` permissions.
-There are two ways to provide an alternate port:
-
-```bash
-PORT=8080 node server
-node server 8080
-```
-
-The root gets redirected to <http://shields.io>.
-For testing purposes, you can go to `http://localhost/try.html`.
-You should modify that file. The "real" root, `http://localhost/index.html`,
-gets generated from the `try.html` file.
-
-# Format
-
-The format is the following:
-
-```js
-{
-  /* Textual information shown, in order. */
-  "text": [ "build", "passed" ],
-  "format": "svg",  // Also supports "json".
-  "colorscheme": "green",
-  /* … Or… */
-  "colorA": "#555",
-  "colorB": "#4c1",
-  /* See template/ for a list of available templates.
-     Each offers a different visual design. */
-  "template": "flat"
-}
-```
-
-# Defaults
-
-If you want to add a colorscheme, head to `colorscheme.json`. Each scheme has a
-name and a [CSS/SVG color][] for the color used in the first box (for the first
-piece of text, field `colorA`) and for the one used in the second box (field
-`colorB`).
-
-[CSS/SVG color]: http://www.w3.org/TR/SVG/types.html#DataTypeColor
-
-```js
-"green": {
-  "colorB": "#4c1"
-}
-```
-
-Both `colorA` and `colorB` have default values. Usually, the first box uses the
-same dark grey, so you can rely on that default value by not providing a
-`"colorA"` field (such as above).
-
-You can also use the `"colorA"` and `"colorB"` fields directly in the badges if
-you don't want to make a color scheme for it. In that case, remove the
-`"colorscheme"` field altogether.
-
-# Making your Heroku badge server
-
-Once you have installed the [Heroku Toolbelt][]:
-
-[Heroku Toolbelt]: https://toolbelt.heroku.com/
-
-```bash
-heroku login
-heroku create your-app-name
-heroku config:set BUILDPACK_URL=https://github.com/mojodna/heroku-buildpack-multi.git#build-env
-cp /path/to/Verdana.ttf .
-make deploy
-heroku open
-```
-
-# Docker
-
-You can build and run the server locally using Docker. First build an image:
-
-```console
-$ docker build -t shields ./
-Sending build context to Docker daemon 3.923 MB
-Step 0 : FROM node:0.12.7-onbuild
-…
-Removing intermediate container c4678889953f
-Successfully built 4471b442c220
-```
-
-Then run the container:
-
-```console
-$ docker run --rm -p 8080:80 shields
-
-> gh-badges@1.1.2 start /usr/src/app
-> node server.js
-
-http://[::1]:80/try.html
-```
-
-Assuming Docker is running locally, you should be able to get to the application at http://localhost:8080/try.html. If you run Docker in a virtual machine (such as boot2docker or Docker Machine) then you will need to replace `localhost` with the actual IP address of that virtual machine.
-
-# Main Server Sysadmin
-
- DNS round-robin between https://vps197850.ovh.net/try.html and https://vps244529.ovh.net/try.html.
- Self-signed TLS certificates, but `img.shields.io` is behind CloudFlare, which provides signed certificates.
- Using node v0.12.7 because later versions, combined with node-canvas, give inaccurate badge measurements.
- Using forever (the node monitor) to automatically restart the server when it crashes.
-
-See https://github.com/badges/ServerScript for helper admin scripts.
-
-# Links
-
-See <https://github.com/h5bp/lazyweb-requests/issues/150> for a story of the
-project's inception.
-
-This is also available as a gem `badgerbadgerbadger`, [code here][gem].
-
-[gem]: https://github.com/badges/badgerbadgerbadger
-
-# License
-
-All work here is licensed CC0.
--- a/116
+++ b/116
@@ -0,0 +1,116 @@
+CC0 1.0 Universal
+
+Statement of Purpose
+
+The laws of most jurisdictions throughout the world automatically confer
+exclusive Copyright and Related Rights (defined below) upon the creator and
+subsequent owner(s) (each and all, an "owner") of an original work of
+authorship and/or a database (each, a "Work").
+
+Certain owners wish to permanently relinquish those rights to a Work for the
+purpose of contributing to a commons of creative, cultural and scientific
+works ("Commons") that the public can reliably and without fear of later
+claims of infringement build upon, modify, incorporate in other works, reuse
+and redistribute as freely as possible in any form whatsoever and for any
+purposes, including without limitation commercial purposes. These owners may
+contribute to the Commons to promote the ideal of a free culture and the
+further production of creative, cultural and scientific works, or to gain
+reputation or greater distribution for their Work in part through the use and
+efforts of others.
+
+For these and/or other purposes and motivations, and without any expectation
+of additional consideration or compensation, the person associating CC0 with a
+Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
+and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
+and publicly distribute the Work under its terms, with knowledge of his or her
+Copyright and Related Rights in the Work and the meaning and intended legal
+effect of CC0 on those rights.
+
+1. Copyright and Related Rights. A Work made available under CC0 may be
+protected by copyright and related or neighboring rights ("Copyright and
+Related Rights"). Copyright and Related Rights include, but are not limited
+to, the following:
+
+  i. the right to reproduce, adapt, distribute, perform, display, communicate,
+  and translate a Work;
+
+  ii. moral rights retained by the original author(s) and/or performer(s);
+
+  iii. publicity and privacy rights pertaining to a person's image or likeness
+  depicted in a Work;
+
+  iv. rights protecting against unfair competition in regards to a Work,
+  subject to the limitations in paragraph 4(a), below;
+
+  v. rights protecting the extraction, dissemination, use and reuse of data in
+  a Work;
+
+  vi. database rights (such as those arising under Directive 96/9/EC of the
+  European Parliament and of the Council of 11 March 1996 on the legal
+  protection of databases, and under any national implementation thereof,
+  including any amended or successor version of such directive); and
+
+  vii. other similar, equivalent or corresponding rights throughout the world
+  based on applicable law or treaty, and any national implementations thereof.
+
+2. Waiver. To the greatest extent permitted by, but not in contravention of,
+applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
+unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
+and Related Rights and associated claims and causes of action, whether now
+known or unknown (including existing as well as future claims and causes of
+action), in the Work (i) in all territories worldwide, (ii) for the maximum
+duration provided by applicable law or treaty (including future time
+extensions), (iii) in any current or future medium and for any number of
+copies, and (iv) for any purpose whatsoever, including without limitation
+commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
+the Waiver for the benefit of each member of the public at large and to the
+detriment of Affirmer's heirs and successors, fully intending that such Waiver
+shall not be subject to revocation, rescission, cancellation, termination, or
+any other legal or equitable action to disrupt the quiet enjoyment of the Work
+by the public as contemplated by Affirmer's express Statement of Purpose.
+
+3. Public License Fallback. Should any part of the Waiver for any reason be
+judged legally invalid or ineffective under applicable law, then the Waiver
+shall be preserved to the maximum extent permitted taking into account
+Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
+is so judged Affirmer hereby grants to each affected person a royalty-free,
+non transferable, non sublicensable, non exclusive, irrevocable and
+unconditional license to exercise Affirmer's Copyright and Related Rights in
+the Work (i) in all territories worldwide, (ii) for the maximum duration
+provided by applicable law or treaty (including future time extensions), (iii)
+in any current or future medium and for any number of copies, and (iv) for any
+purpose whatsoever, including without limitation commercial, advertising or
+promotional purposes (the "License"). The License shall be deemed effective as
+of the date CC0 was applied by Affirmer to the Work. Should any part of the
+License for any reason be judged legally invalid or ineffective under
+applicable law, such partial invalidity or ineffectiveness shall not
+invalidate the remainder of the License, and in such case Affirmer hereby
+affirms that he or she will not (i) exercise any of his or her remaining
+Copyright and Related Rights in the Work or (ii) assert any associated claims
+and causes of action with respect to the Work, in either case contrary to
+Affirmer's express Statement of Purpose.
+
+4. Limitations and Disclaimers.
+
+  a. No trademark or patent rights held by Affirmer are waived, abandoned,
+  surrendered, licensed or otherwise affected by this document.
+
+  b. Affirmer offers the Work as-is and makes no representations or warranties
+  of any kind concerning the Work, express, implied, statutory or otherwise,
+  including without limitation warranties of title, merchantability, fitness
+  for a particular purpose, non infringement, or the absence of latent or
+  other defects, accuracy, or the present or absence of errors, whether or not
+  discoverable, all to the greatest extent permissible under applicable law.
+
+  c. Affirmer disclaims responsibility for clearing rights of other persons
+  that may apply to the Work or any use thereof, including without limitation
+  any person's Copyright and Related Rights in the Work. Further, Affirmer
+  disclaims responsibility for obtaining any necessary consents, permissions
+  or other rights required for any use of the Work.
+
+  d. Affirmer understands and acknowledges that Creative Commons is not a
+  party to this document and has no duty or obligation with respect to this
+  CC0 or use of the Work.
+
+For more information, please see
+<http://creativecommons.org/publicdomain/zero/1.0/>
--- a/LICENSE.md
+++ b/LICENSE.md
@@ -1,33 +0,0 @@
-# DEDICATED TO THE PUBLIC DOMAIN
-
-Shields has been dedicated to the public domain. It is protected by the Creative Commons CC0 Universal Public Domain Dedication license. You can read the entire license below or at http://creativecommons.org/publicdomain/zero/1.0/deed.en.
-
-# CC0 UNIVERSAL PUBLIC DOMAIN DEDICATION LICENSE
-
-## Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others.
-
-For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following:
-a. the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work;
-b. moral rights retained by the original author(s) and/or performer(s);
-c. publicity and privacy rights pertaining to a person's image or likeness depicted in a Work;
-rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below;
-d. rights protecting the extraction, dissemination, use and reuse of data in a Work;
-e. database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and
-f. other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
-a. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.
-b. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law.
-c. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
-d. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work.
--- a/116
+++ b/116
@@ -1,72 +1,70 @@
-all: website favicon test
+SHELL:=/bin/bash

-UNAME_S := $(shell uname -s)
-ifeq ($(UNAME_S),Linux)
-	SED=sed -r
-	NEWLINE=$\n
-endif
-ifeq ($(UNAME_S),Darwin)
-	SED=sed -E
-	NEWLINE=$$'\n'
-endif
+SERVER_TMP=${TMPDIR}shields-server-deploy
+FRONTEND_TMP=${TMPDIR}shields-frontend-deploy

-favicon:
-	node gh-badge.js '' '' '#bada55' .png > favicon.png
+# This branch is reserved for the deploy process and should not be used for
+# development. The deploy script will clobber it. To avoid accidentally
+# pushing secrets to GitHub, this branch is configured to reject pushes.
+WORKING_BRANCH=server-deploy-working-branch

-website:
-	cat try.html | $(SED) "s,(<img src=')(/[^'\?]+)',\1https://img.shields.io\2?maxAge=2592000'," \
-		| $(SED) "s,(<img src=')(/[^'\?]+\?[^']+)',\1https://img.shields.io\2\&maxAge=2592000'," \
-		| $(SED) "s,<span id='imgUrlPrefix'>,&https://img.shields.io," \
-		| $(SED) "s,var origin = '';,var origin = 'https://img.shields.io';," \
-		| $(SED) "s,<style>,<!-- WARNING: THIS FILE WAS GENERATED FROM try.html -->\\"$(NEWLINE)"<style>," > index.html
+all: test

-deploy: deploy-s0 deploy-s1 deploy-gh-pages
+deploy: deploy-s0 deploy-s1 deploy-s2 clean-server-deploy deploy-gh-pages deploy-gh-pages-clean

-deploy-s0:
-	git add -f Verdana.ttf
-	git add -f secret.json
-	git commit -m'MUST NOT BE ON GITHUB'
-	git push -f s0 HEAD:master
-	git reset HEAD~1
-	git checkout master
+deploy-s0: prepare-server-deploy push-s0
+deploy-s1: prepare-server-deploy push-s1
+deploy-s2: prepare-server-deploy push-s2

-deploy-s1:
-	git add -f Verdana.ttf
-	git add -f secret.json
-	git commit -m'MUST NOT BE ON GITHUB'
-	git push -f s1 HEAD:master
-	git reset HEAD~1
-	git checkout master
+prepare-server-deploy:
+	# Ship a copy of the front end to each server for debugging.
+	# https://github.com/badges/shields/issues/1220
+	INCLUDE_DEV_PAGES=false \
+		npm run build
+	rm -rf ${SERVER_TMP}
+	git worktree prune
+	git worktree add -B ${WORKING_BRANCH} ${SERVER_TMP}
+	cp -r public ${SERVER_TMP}
+	git -C ${SERVER_TMP} add -f public/
+	git -C ${SERVER_TMP} commit --no-verify -m '[DEPLOY] Add frontend for debugging'
+	cp config/local-shields-io-production.yml ${SERVER_TMP}/config/
+	git -C ${SERVER_TMP} add -f config/local-shields-io-production.yml
+	git -C ${SERVER_TMP} commit --no-verify -m '[DEPLOY] MUST NOT BE ON GITHUB'
+
+clean-server-deploy:
+	rm -rf ${SERVER_TMP}
+	git worktree prune
+
+push-s0:
+	git push -f s0 ${WORKING_BRANCH}:master
+
+push-s1:
+	git push -f s1 ${WORKING_BRANCH}:master
+
+push-s2:
+	git push -f s2 ${WORKING_BRANCH}:master

 deploy-gh-pages:
-	(git checkout -B gh-pages && \
-	git merge master && \
-	git push -f origin gh-pages:gh-pages) || git checkout master
-	git checkout master
+	rm -rf ${FRONTEND_TMP}
+	git worktree prune
+	GATSBY_BASE_URL=https://img.shields.io \
+		INCLUDE_DEV_PAGES=false \
+		npm run build
+	git worktree add -B gh-pages ${FRONTEND_TMP}
+	git -C ${FRONTEND_TMP} ls-files | xargs git -C ${FRONTEND_TMP} rm
+	git -C ${FRONTEND_TMP} commit --no-verify -m '[DEPLOY] Completely clean the index'
+	cp -r public/* ${FRONTEND_TMP}
+	echo shields.io > ${FRONTEND_TMP}/CNAME
+	touch ${FRONTEND_TMP}/.nojekyll
+	git -C ${FRONTEND_TMP} add .
+	git -C ${FRONTEND_TMP} commit --no-verify -m '[DEPLOY] Add built site'
+	git push -f origin gh-pages

-deploy-heroku:
-	git add -f Verdana.ttf
-	git add -f secret.json
-	git commit -m'MUST NOT BE ON GITHUB'
-	git push -f heroku HEAD:master
-	git reset HEAD~1
-	(git checkout -B gh-pages && \
-	git merge master && \
-	git push -f origin gh-pages:gh-pages) || git checkout master
-	git checkout master
-
-setup:
-	curl http://download.redis.io/releases/redis-2.8.8.tar.gz >redis.tar.gz \
-	&& tar xf redis.tar.gz \
-	&& rm redis.tar.gz \
-	&& mv redis-2.8.8 redis \
-	&& cd redis \
-	&& make
-
-redis:
-	./redis/src/redis-server
+deploy-gh-pages-clean:
+	rm -rf ${FRONTEND_TMP}
+	git worktree prune

 test:
 	npm test

-.PHONY: all favicon website deploy deploy-s0 deploy-s1 deploy-gh-pages deploy-heroku setup redis test
+.PHONY: all deploy prepare-server-deploy clean-server-deploy deploy-s0 deploy-s1 deploy-s2 push-s0 push-s1 push-s2 deploy-gh-pages deploy-gh-pages-clean deploy-heroku setup redis test
--- a/1
+++ b/1
@@ -0,0 +1 @@
+web: npm run start:server:prod
--- a/README.md
+++ b/README.md
@@ -1,96 +1,241 @@
 <p align="center">
-    <img src="https://rawgit.com/badges/shields/master/logo.svg"
-         height="130">
+    <img src="https://raw.githubusercontent.com/badges/shields/master/frontend/images/logo.svg?sanitize=true"
+        height="130">
 </p>
 <p align="center">
-    <a href="https://www.gratipay.com/Shields/">
-        <img src="https://img.shields.io/gratipay/team/shields.svg"
-             alt="Gratipay">
-    </a>
-    <a href="https://npmjs.org/package/gh-badges">
-        <img src="https://img.shields.io/npm/v/gh-badges.svg"
-             alt="npm version">
-    </a>
-    <a href="https://travis-ci.org/badges/shields">
-        <img src="https://img.shields.io/travis/badges/shields.svg"
-             alt="build status">
-    </a>
+    <a href="https://github.com/badges/shields/graphs/contributors" alt="Contributors">
+        <img src="https://img.shields.io/github/contributors/badges/shields" /></a>
+    <a href="#backers" alt="Backers on Open Collective">
+        <img src="https://img.shields.io/opencollective/backers/shields" /></a>
+    <a href="#sponsors" alt="Sponsors on Open Collective">
+        <img src="https://img.shields.io/opencollective/sponsors/shields" /></a>
+    <a href="https://github.com/badges/shields/pulse" alt="Activity">
+        <img src="https://img.shields.io/github/commit-activity/m/badges/shields" /></a>
+    <a href="https://circleci.com/gh/badges/shields/tree/master">
+        <img src="https://img.shields.io/circleci/project/github/badges/shields/master" alt="build status"></a>
+    <a href="https://circleci.com/gh/badges/daily-tests">
+        <img src="https://img.shields.io/circleci/project/github/badges/daily-tests?label=service%20tests"
+            alt="service-test status"></a>
+    <a href="https://coveralls.io/github/badges/shields">
+        <img src="https://img.shields.io/coveralls/github/badges/shields"
+            alt="coverage"></a>
+    <a href="https://lgtm.com/projects/g/badges/shields/alerts/">
+        <img src="https://img.shields.io/lgtm/alerts/g/badges/shields"
+            alt="Total alerts"/></a>
+    <a href="https://github.com/badges/shields/compare/gh-pages...master">
+        <img src="https://img.shields.io/github/commits-since/badges/shields/gh-pages?label=commits%20to%20be%20deployed"
+            alt="commits to be deployed"></a>
+    <a href="https://discord.gg/HjJCwm5">
+        <img src="https://img.shields.io/discord/308323056592486420?logo=discord"
+            alt="chat on Discord"></a>
+    <a href="https://twitter.com/intent/follow?screen_name=shields_io">
+        <img src="https://img.shields.io/twitter/follow/shields_io?style=social&logo=twitter"
+            alt="follow on Twitter"></a>
 </p>
-<p align="center"><sup><strong>An image server for legible and concise information. Our <a href="http://shields.io/">Homepage</a> | <a href="https://twitter.com/shields_io">Twitter</a></strong></sup></p>

-* **[INSTALL](INSTALL.md)** – installation instructions.
-* **[CONTRIBUTING](CONTRIBUTING.md)** – project contribution guidelines.
-* **[SPECIFICATION](spec/SPECIFICATION.md)** – spec for the visual design of Shields badges.
-* **[LICENSE](LICENSE.md)** – public domain dedication.
+This is home to [Shields.io][shields.io], a service for concise, consistent,
+and legible badges in SVG and raster format, which can easily be included in
+GitHub readmes or any other web page. The service supports dozens of
+continuous integration services, package registries, distributions, app
+stores, social networks, code coverage services, and code analysis services.
+Every month it serves over 470 million images.

-Make your own badges [here][badges]! (Quick guide: `https://img.shields.io/badge/left-right-f39f37.svg`.)
+This repo hosts:

-[badges]: <http://shields.io/#your-badge>
+- The [Shields.io][shields.io] frontend and server code
+- An [NPM library for generating badges][gh-badges]
+  - [documentation][gh-badges-docs]
+  - [changelog][gh-badges-changelog]
+- The [badge design specification][badge-spec]

-## Solving the problem
-Many GitHub repositories sport badges for things like:
-<table>
-  <tr>
-    <td><a href="https://travis-ci.org/"><strong>Travis CI</strong></a><p><sup>(build status)</sup></p></td>
-    <td><img src="http://f.cl.ly/items/2H233M0I0T43313c3h0C/Screen%20Shot%202013-01-30%20at%202.45.30%20AM.png" alt="Travis CI badge"></td>
-  </tr>
-  <tr>
-    <td><a href="https://gemnasium.com/"><strong>Gemnasium</strong></a><p><sup>(dependency checks)</sup></p></td>
-    <td><img src="http://f.cl.ly/items/2j1D2R0q2C3s1x2y3k09/Screen%20Shot%202013-01-30%20at%202.46.10%20AM.png" alt="Gemnasium badge"></td>
-  </tr>
-  <tr>
-    <td><a href="http://codeclimate.com"><strong>Code Climate</strong></a><p><sup>(static analysis)</sup></p></td>
-    <td><img src="http://f.cl.ly/items/0H2O1A3q2b3j1D2i0M3j/Screen%20Shot%202013-01-30%20at%202.46.47%20AM.png" alt="Code Climate badge"></td>
-  </tr>
-  <tr>
-    <td><a href="http://rubygems.org"><strong>RubyGems</strong></a><p><sup>(released gem version)</sup></p></td>
-    <td><img src="http://f.cl.ly/items/443X21151h1V301s2s3a/Screen%20Shot%202013-01-30%20at%202.47.10%20AM.png" alt="RubyGems badge"></td>
-  </tr>
-</table>
-
-As you can see from the zoomed 400% versions of these badges above, nobody is (really) using the same badge file and at normal size, they're hardly legible. Worst of all, they're completely inconsistent. The information provided isn't of the same kind on each badge. The context is blurry, which doesn't make for a straightforward understanding of how these badges are relevant to the project they're attached to and what information they provide.
-
-## The Shields solution
-As you can see below, without increasing the footprint of these badges, I've tried to increase legibility and coherence, removing useless text to decrease the horizontal length in the (likely) scenario that more of these badge thingies crop up on READMEs all across the land.
-
-![Badge design](spec/proportions.png)
-
-This badge design corresponds to an old and now deprecated version which has since been replaced by beautiful and scalable SVG versions that can be found on [shields.io](http://shields.io).
+[shields.io]: https://shields.io/
+[gh-badges]: https://www.npmjs.com/package/gh-badges
+[badge-spec]: https://github.com/badges/shields/tree/master/spec
+[gh-badges-docs]: https://github.com/badges/shields/tree/master/gh-badges/README.md
+[gh-badges-changelog]: https://github.com/badges/shields/tree/master/gh-badges/CHANGELOG.md

 ## Examples
-What kind of metadata can you convey using badges?
-* test build status: `build | failing`
-* code coverage percentage: `coverage | 80%`
-* stable release version: `version | 1.2.3`
-* package manager release: `gem | 1.2.3`
-* status of third-party dependencies: `dependencies | out-of-date`
-* static code analysis GPA: `code climate | 3.8`
-* [SemVer](http://semver.org/) version observance: `semver | 2.0.0`
-* amount of [Gratipay](http://gratipay.com) donations per week: `tips | $2/week`

-## Services using the Shields standard
-* [Badger](https://github.com/badges/badgerbadgerbadger)
-* [badges2svg](https://github.com/bfontaine/badges2svg)
-* [Codacy](https://www.codacy.com)
-* [Code Climate](https://codeclimate.com/changelog/510d4fde56b102523a0004bf)
-* [Coveralls](https://coveralls.io/)
-* [Forkability](http://basicallydan.github.io/forkability/)
-* [Gemnasium](http://support.gemnasium.com/forums/236528-general/suggestions/5518400-use-svg-for-badges-so-they-still-look-sharp-on-r)
-* [GoDoc](https://godoc.org/)
-* [PHPPackages](https://phppackages.org)
-* [Read the Docs](https://readthedocs.org/)
-* [reposs](https://github.com/rexfinn/reposs)
-* [ruby-gem-downloads-badge](https://github.com/bogdanRada/ruby-gem-downloads-badge/)
-* [Scrutinizer](https://scrutinizer-ci.com/)
-* [Semaphore](https://semaphoreapp.com)
-* [Travis CI](https://github.com/travis-ci/travis-ci/issues/630#issuecomment-38054967)
-* [Version Badge](http://badge.fury.io/)
-* [VersionEye](https://www.versioneye.com/)
+- code coverage percentage: ![coverage](https://img.shields.io/badge/coverage-80%25-yellowgreen)
+- stable release version: ![version](https://img.shields.io/badge/version-1.2.3-blue)
+- package manager release: ![gem](https://img.shields.io/badge/gem-2.2.0-blue)
+- status of third-party dependencies: ![dependencies](https://img.shields.io/badge/dependencies-out%20of%20date-orange)
+- static code analysis grade: ![codacy](https://img.shields.io/badge/codacy-B-green)
+- [SemVer](https://semver.org/) version observance: ![semver](https://img.shields.io/badge/semver-2.0.0-blue)
+- amount of [Liberapay](https://liberapay.com/) donations per week: ![receives](https://img.shields.io/badge/receives-2.00%20USD%2Fweek-yellow)
+- Python package downloads: ![downloads](https://img.shields.io/badge/downloads-13k%2Fmonth-brightgreen)
+- Chrome Web Store extension rating: ![rating](https://img.shields.io/badge/rating-★★★★☆-brightgreen)
+- [Uptime Robot](https://uptimerobot.com) percentage: ![uptime](https://img.shields.io/badge/uptime-100%25-brightgreen)

-# Legal
+[Make your own badges!][custom badges]
+(Quick example: `https://img.shields.io/badge/left-right-f39f37`)

-All assets and code are under the [CC0 LICENSE](LICENSE.md) and in the public
+Browse a [complete list of badges][shields.io].
+
+[custom badges]: http://shields.io/#your-badge
+
+## Contributing
+
+Shields is a community project. We invite your participation through issues
+and pull requests! You can peruse the [contributing guidelines][contributing].
+
+When adding or changing a service [please add tests][service-tests].
+
+This project has quite a backlog of suggestions! If you're new to the project,
+maybe you'd like to open a pull request to address one of them:
+
+[![GitHub issues by-label](https://img.shields.io/github/issues/badges/shields/good%20first%20issue)](https://github.com/badges/shields/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22)
+
+You can read a [tutorial on how to add a badge][tutorial].
+
+[service-tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md
+[tutorial]: doc/TUTORIAL.md
+[contributing]: CONTRIBUTING.md
+
+## Development
+
+1. Install Node 8 or later. You can use the [package manager][] of your choice.
+   Tests need to pass in Node 8 and 10.
+2. Clone this repository.
+3. Run `npm ci` to install the dependencies.
+4. Run `npm start` to start the badge server and the frontend dev server.
+5. Open `http://localhost:3000/` to view the frontend.
+
+When server source files change, the badge server should automatically restart
+itself (using [nodemon][]). When the frontend files change, the frontend dev
+server (`gatsby dev`) should also automatically reload. However the badge
+definitions are built only before the server first starts. To regenerate those,
+either run `npm run defs` or manually restart the server.
+
+To debug a badge from the command line, run `npm run badge -- /npm/v/nock`.
+It also works with full URLs like
+`npm run badge -- https://img.shields.io/npm/v/nock`.
+
+Use `npm run debug:server` to start server in debug mode.
+[This recipe][nodemon debug] shows how to debug Node.js application in [VS Code][].
+
+Shields has experimental support for [Gitpod][gitpod], a pre-configured development
+environment that runs in your browser. To use Gitpod, click the button below and
+sign in with GitHub. Gitpod also offers a browser add-on, though it is not required.
+Please report any Gitpod bugs, questions, or suggestions in issue
+[#2772](https://github.com/badges/shields/issues/2772).
+
+[![Edit with Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#https://github.com/badges/shields)
+
+[Snapshot tests][] ensure we don't inadvertently make changes that affect the
+SVG or JSON output. When deliberately changing the output, run
+`SNAPSHOT_DRY=1 npm run test:js:server` to preview changes to the saved
+snapshots, and `SNAPSHOT_UPDATE=1 npm run test:js:server` to update them.
+
+The server can be configured to use [Sentry][] ([configuration][sentry configuration]) and [Prometheus][] ([configuration][prometheus configuration]).
+
+Daily tests, including a full run of the service tests and overall code coverage, are run via [badges/daily-tests][daily-tests].
+
+[package manager]: https://nodejs.org/en/download/package-manager/
+[gitpod]: https://www.gitpod.io/
+[snapshot tests]: https://glebbahmutov.com/blog/snapshot-testing/
+[prometheus]: https://prometheus.io/
+[prometheus configuration]: doc/self-hosting.md#prometheus
+[sentry]: https://sentry.io/
+[sentry configuration]: doc/self-hosting.md#sentry
+[daily-tests]: https://github.com/badges/daily-tests
+[nodemon]: https://nodemon.io/
+[nodemon debug]: https://github.com/Microsoft/vscode-recipes/tree/master/nodemon
+[vs code]: https://code.visualstudio.com/
+
+## Hosting your own server
+
+There is documentation about [hosting your own server][self-hosting].
+
+[self-hosting]: doc/self-hosting.md
+
+## History
+
+b.adge.me was the original website for this service. Heroku back then had a
+thing which made it hard to use a toplevel domain with it, hence the odd
+domain. It used code developed in 2013 from a library called
+[gh-badges][old-gh-badges], both developed by [Thaddée Tyl][espadrine].
+The project merged with shields.io by making it use the b.adge.me code
+and closed b.adge.me.
+
+The original badge specification was developed in 2013 by
+[Olivier Lacan][olivierlacan]. It was inspired by the Travis CI and similar
+badges (there were a lot fewer, back then). In 2014 Thaddée Tyl redesigned
+it with help from a Travis CI employee and convinced everyone to switch to
+it. The old design is what today is called the plastic style; the new one
+is the flat style.
+
+You can read more about [the project's inception][thread],
+[the motivation of the SVG badge specification][motivation], and
+[the specification itself][spec].
+
+[olivierlacan]: https://github.com/olivierlacan
+[espadrine]: https://github.com/espadrine
+[old-gh-badges]: https://github.com/badges/gh-badges
+[motivation]: spec/motivation.md
+[spec]: spec/SPECIFICATION.md
+[thread]: https://github.com/h5bp/lazyweb-requests/issues/150
+
+## Project leaders
+
+Maintainers:
+
+- [calebcartwright](https://github.com/calebcartwright) (core team)
+- [chris48s](https://github.com/chris48s) (core team)
+- [Daniel15](https://github.com/Daniel15) (core team)
+- [espadrine](https://github.com/espadrine) (core team)
+- [paulmelnikow](https://github.com/paulmelnikow) (core team)
+- [platan](https://github.com/platan) (core team)
+- [PyvesB](https://github.com/PyvesB) (core team)
+- [RedSparr0w](https://github.com/RedSparr0w) (core team)
+
+Operations:
+
+- [espadrine](https://github.com/espadrine) (sysadmin)
+- [paulmelnikow](https://github.com/paulmelnikow) (limited access)
+
+Alumni:
+
+- [olivierlacan](https://github.com/olivierlacan)
+
+## Related projects
+
+- [badgerbadgerbadger gem][gem]
+- [pybadges python library][pybadges]
+
+[gem]: https://github.com/badges/badgerbadgerbadger
+[pybadges]: https://github.com/google/pybadges
+
+## License
+
+All assets and code are under the [CC0 LICENSE](LICENSE) and in the public
 domain unless specified otherwise.

-The assets in `logo/` are trademarks of their respective companies and are under
-their terms and license.
+The assets in `logo/` are trademarks of their respective companies and are
+under their terms and license.
+
+## Contributors
+
+This project exists thanks to all the people who contribute. [[Contribute](CONTRIBUTING.md)].
+<a href="https://github.com/badges/shields/graphs/contributors"><img src="https://opencollective.com/shields/contributors.svg?width=890" /></a>
+
+## Backers
+
+Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/shields#backer)]
+
+<a href="https://opencollective.com/shields#backers" target="_blank"><img src="https://opencollective.com/shields/backers.svg?width=890"></a>
+
+## Sponsors
+
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/shields#sponsor)]
+
+<a href="https://opencollective.com/shields/sponsor/0/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/0/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/1/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/1/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/2/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/2/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/3/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/3/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/4/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/4/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/5/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/5/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/6/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/6/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/7/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/7/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/8/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/8/avatar.svg"></a>
+<a href="https://opencollective.com/shields/sponsor/9/website" target="_blank"><img src="https://opencollective.com/shields/sponsor/9/avatar.svg"></a>
--- a/snapshots/make-badge.spec.js
+++ b/snapshots/make-badge.spec.js
@@ -0,0 +1,19 @@
+exports['The badge generator SVG should always produce the same SVG (unless we have changed something!) 1'] = `
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="90" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="a"><rect width="90" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#a)"><path fill="#555" d="M0 0h45v20H0z"/><path fill="#4c1" d="M45 0h45v20H45z"/><path fill="url(#b)" d="M0 0h90v20H0z"/></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="110"> <text x="235" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="350">cactus</text><text x="235" y="140" transform="scale(.1)" textLength="350">cactus</text><text x="665" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="350">grown</text><text x="665" y="140" transform="scale(.1)" textLength="350">grown</text></g> </svg>
+`
+
+exports['The badge generator badges with logos should always produce the same badge shields GitHub logo custom color (whitesmoke) 1'] = `
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="113" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="a"><rect width="113" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#a)"><path fill="#555" d="M0 0h54v20H0z"/><path fill="#4c1" d="M54 0h59v20H54z"/><path fill="url(#b)" d="M0 0h113v20H0z"/></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="110"><image x="5" y="3" width="14" height="14" xlink:href="github"/> <text x="365" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="270">label</text><text x="365" y="140" transform="scale(.1)" textLength="270">label</text><text x="825" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="490">message</text><text x="825" y="140" transform="scale(.1)" textLength="490">message</text></g> </svg>
+`
+
+exports['The badge generator badges with logos should always produce the same badge shields GitHub logo default color (#333333) 1'] = `
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="113" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="a"><rect width="113" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#a)"><path fill="#555" d="M0 0h54v20H0z"/><path fill="#4c1" d="M54 0h59v20H54z"/><path fill="url(#b)" d="M0 0h113v20H0z"/></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="110"><image x="5" y="3" width="14" height="14" xlink:href="github"/> <text x="365" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="270">label</text><text x="365" y="140" transform="scale(.1)" textLength="270">label</text><text x="825" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="490">message</text><text x="825" y="140" transform="scale(.1)" textLength="490">message</text></g> </svg>
+`
+
+exports['The badge generator badges with logos should always produce the same badge simple-icons javascript logo custom color (rgba(46,204,113,0.8)) 1'] = `
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="113" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="a"><rect width="113" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#a)"><path fill="#555" d="M0 0h54v20H0z"/><path fill="#4c1" d="M54 0h59v20H54z"/><path fill="url(#b)" d="M0 0h113v20H0z"/></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="110"><image x="5" y="3" width="14" height="14" xlink:href="javascript"/> <text x="365" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="270">label</text><text x="365" y="140" transform="scale(.1)" textLength="270">label</text><text x="825" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="490">message</text><text x="825" y="140" transform="scale(.1)" textLength="490">message</text></g> </svg>
+`
+
+exports['The badge generator badges with logos should always produce the same badge simple-icons javascript logo default color (#F7DF1E) 1'] = `
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="113" height="20"><linearGradient id="b" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="a"><rect width="113" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#a)"><path fill="#555" d="M0 0h54v20H0z"/><path fill="#4c1" d="M54 0h59v20H54z"/><path fill="url(#b)" d="M0 0h113v20H0z"/></g><g fill="#fff" text-anchor="middle" font-family="DejaVu Sans,Verdana,Geneva,sans-serif" font-size="110"><image x="5" y="3" width="14" height="14" xlink:href="javascript"/> <text x="365" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="270">label</text><text x="365" y="140" transform="scale(.1)" textLength="270">label</text><text x="825" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="490">message</text><text x="825" y="140" transform="scale(.1)" textLength="490">message</text></g> </svg>
+`
--- a/app.json
+++ b/app.json
@@ -0,0 +1,42 @@
+{
+  "name": "Shields",
+  "description": "Concise, consistent, and legible badges in SVG and raster format.",
+  "keywords": ["badge", "github", "svg", "status"],
+  "website": "https://shields.io/",
+  "repository": "https://github.com/badges/shields",
+  "logo": "http://shields.io/favicon.png",
+  "env": {
+    "CYPRESS_INSTALL_BINARY": {
+      "description": "Disable the cypress binary installation",
+      "value": "0",
+      "required": false
+    },
+    "HUSKY_SKIP_INSTALL": {
+      "description": "Skip the husky git hook setup",
+      "value": "1",
+      "required": false
+    },
+    "WHEELMAP_TOKEN": {
+      "description": "Configure the token to be used for the Wheelmap service.",
+      "required": false
+    },
+    "GH_TOKEN": {
+      "description": "Configure the token to be used for the GitHub services.",
+      "required": false
+    },
+    "TWITCH_CLIENT_ID": {
+      "description": "Configure the client id to be used for the Twitch service.",
+      "required": false
+    },
+    "TWITCH_CLIENT_SECRET": {
+      "description": "Configure the client secret to be used for the Twitch service.",
+      "required": false
+    }
+  },
+  "formation": {
+    "web": {
+      "quantity": 1,
+      "size": "free"
+    }
+  }
+}
--- a/badge.js
+++ b/badge.js
@@ -1,102 +0,0 @@
-var fs = require('fs');
-var path = require('path');
-var SVGO = require('svgo');
-var dot = require('dot');
-var measureTextWidth = require('./measure-text');
-
-// cache templates.
-var templates = {};
-var templateFiles = fs.readdirSync(path.join(__dirname, 'templates'));
-dot.templateSettings.strip = false;  // Do not strip whitespace.
-templateFiles.forEach(function(filename) {
-  if (filename[0] === '.') { return; }
-  var templateData = fs.readFileSync(
-    path.join(__dirname, 'templates', filename)).toString();
-  var extension = filename.split('.').pop();
-  var style = filename.slice(0, -(('-template.' + extension).length));
-  templates[style + '-' + extension] = dot.template(templateData);
-});
-
-function escapeXml(s) {
-  return s.replace(/&/g, '&amp;')
-          .replace(/</g, '&lt;')
-          .replace(/>/g, '&gt;')
-          .replace(/"/g, '&quot;')
-          .replace(/'/g, '&apos;');
-}
-function capitalize(s) {
-  return s[0].toUpperCase() + s.slice(1);
-}
-function addEscapers(data) {
-  data.escapeXml = escapeXml;
-  data.capitalize = capitalize;
-}
-
-var colorscheme = require(path.join(__dirname, 'colorscheme.json'));
-
-function optimize(string, callback) {
-  var svgo = new SVGO();
-  svgo.optimize(string, callback);
-}
-
-function makeImage(data, cb) {
-  if (data.format !== 'json') {
-    data.format = 'svg';
-  }
-  if (!(data.template + '-' + data.format in templates)) {
-    data.template = 'default';
-  }
-  if (data.colorscheme) {
-    var pickedColorscheme = colorscheme[data.colorscheme];
-    if (!pickedColorscheme) {
-      pickedColorscheme = colorscheme.red;
-    }
-    data.colorA = pickedColorscheme.colorA;
-    data.colorB = pickedColorscheme.colorB;
-  }
-  // Logo.
-  data.logoWidth = +data.logoWidth || (data.logo? 14: 0);
-  data.logoPadding = (data.logo? 3: 0);
-  // String coercion.
-  data.text[0] = '' + data.text[0];
-  data.text[1] = '' + data.text[1];
-  if (data.text[0].length === 0) {
-    data.logoPadding = 0;
-  }
-
-  var textWidth1 = (measureTextWidth(data.text[0])|0);
-  var textWidth2 = (measureTextWidth(data.text[1])|0);
-  // Increase chances of pixel grid alignment.
-  if (textWidth1 % 2 === 0) { textWidth1++; }
-  if (textWidth2 % 2 === 0) { textWidth2++; }
-  data.widths = [
-    textWidth1 + 10 + data.logoWidth + data.logoPadding,
-    textWidth2 + 10,
-  ];
-  if (data.links === undefined) {
-    data.links = ['', ''];
-  } else {
-    for (var i = 0; i < data.links.length; i++) {
-      data.links[i] = escapeXml(data.links[i]);
-    }
-  }
-
-  var template = templates[data.template + '-' + data.format];
-  addEscapers(data);
-  try {
-    var result = template(data);
-  } catch(e) {
-    cb('', e);
-    return;
-  }
-
-  if (data.format === 'json') {
-    cb(result);
-  } else {
-    // Run the SVG through SVGO.
-    optimize(result, function(object) { cb(object.data); });
-  }
-}
-
-module.exports = makeImage;
-module.exports.loadFont = measureTextWidth.loadFont;
--- a/colorscheme.json
+++ b/colorscheme.json
@@ -1,13 +0,0 @@
-{
-  "brightgreen":    { "colorB": "#4c1" },
-  "green":          { "colorB": "#97CA00" },
-  "yellow":         { "colorB": "#dfb317" },
-  "yellowgreen":    { "colorB": "#a4a61d" },
-  "orange":         { "colorB": "#fe7d37" },
-  "red":            { "colorB": "#e05d44" },
-  "blue":           { "colorB": "#007ec6" },
-  "grey":           { "colorB": "#555" },
-  "gray":           { "colorB": "#555" },
-  "lightgrey":      { "colorB": "#9f9f9f" },
-  "lightgray":      { "colorB": "#9f9f9f" }
-}
--- a/config/custom-environment-variables.yml
+++ b/config/custom-environment-variables.yml
@@ -0,0 +1,100 @@
+public:
+  bind:
+    address: 'BIND_ADDRESS'
+    port: 'PORT'
+
+  metrics:
+    prometheus:
+      enabled: 'METRICS_PROMETHEUS_ENABLED'
+      endpointEnabled: 'METRICS_PROMETHEUS_ENDPOINT_ENABLED'
+    influx:
+      enabled: 'METRICS_INFLUX_ENABLED'
+      url: 'METRICS_INFLUX_URL'
+      timeoutMilliseconds: 'METRICS_INFLUX_TIMEOUT_MILLISECONDS'
+      intervalSeconds: 'METRICS_INFLUX_INTERVAL_SECONDS'
+      instanceIdFrom: 'METRICS_INFLUX_INSTANCE_ID_FROM'
+      instanceIdEnvVarName: 'METRICS_INFLUX_INSTANCE_ID_ENV_VAR_NAME'
+      envLabel: 'METRICS_INFLUX_ENV_LABEL'
+
+  ssl:
+    isSecure: 'HTTPS'
+    key: 'HTTPS_KEY'
+    cert: 'HTTPS_CRT'
+
+  redirectUri: 'REDIRECT_URI'
+
+  rasterUrl: 'RASTER_URL'
+
+  cors:
+    allowedOrigin:
+      __name: 'ALLOWED_ORIGIN'
+      __format: 'json'
+
+  persistence:
+    dir: 'PERSISTENCE_DIR'
+
+  services:
+    bitbucketServer:
+      authorizedOrigins: 'BITBUCKET_SERVER_ORIGINS'
+    drone:
+      authorizedOrigins: 'DRONE_ORIGINS'
+    github:
+      baseUri: 'GITHUB_URL'
+      debug:
+        enabled: 'GITHUB_DEBUG_ENABLED'
+        intervalSeconds: 'GITHUB_DEBUG_INTERVAL_SECONDS'
+    jenkins:
+      authorizedOrigins: 'JENKINS_ORIGINS'
+    jira:
+      authorizedOrigins: 'JIRA_ORIGINS'
+    nexus:
+      authorizedOrigins: 'NEXUS_ORIGINS'
+    npm:
+      authorizedOrigins: 'NPM_ORIGINS'
+    sonar:
+      authorizedOrigins: 'SONAR_ORIGINS'
+    teamcity:
+      authorizedOrigins: 'TEAMCITY_ORIGINS'
+    trace: 'TRACE_SERVICES'
+
+  cacheHeaders:
+    defaultCacheLengthSeconds: 'BADGE_MAX_AGE_SECONDS'
+
+  rateLimit: 'RATE_LIMIT'
+
+  integrations:
+    default:
+      fetchLimit: 'FETCH_LIMIT'
+
+private:
+  azure_devops_token: 'AZURE_DEVOPS_TOKEN'
+  bintray_user: 'BINTRAY_USER'
+  bintray_apikey: 'BINTRAY_API_KEY'
+  bitbucket_username: 'BITBUCKET_USER'
+  bitbucket_password: 'BITBUCKET_PASS'
+  bitbucket_server_username: 'BITBUCKET_SERVER_USER'
+  bitbucket_server_password: 'BITBUCKET_SERVER_PASS'
+  drone_token: 'DRONE_TOKEN'
+  gh_client_id: 'GH_CLIENT_ID'
+  gh_client_secret: 'GH_CLIENT_SECRET'
+  gh_token: 'GH_TOKEN'
+  jenkins_user: 'JENKINS_USER'
+  jenkins_pass: 'JENKINS_PASS'
+  jira_user: 'JIRA_USER'
+  jira_pass: 'JIRA_PASS'
+  nexus_user: 'NEXUS_USER'
+  nexus_pass: 'NEXUS_PASS'
+  npm_token: 'NPM_TOKEN'
+  redis_url: 'REDIS_URL'
+  sentry_dsn: 'SENTRY_DSN'
+  shields_secret: 'SHIELDS_SECRET'
+  sl_insight_userUuid: 'SL_INSIGHT_USER_UUID'
+  sl_insight_apiToken: 'SL_INSIGHT_API_TOKEN'
+  sonarqube_token: 'SONARQUBE_TOKEN'
+  teamcity_user: 'TEAMCITY_USER'
+  teamcity_pass: 'TEAMCITY_PASS'
+  twitch_client_id: 'TWITCH_CLIENT_ID'
+  twitch_client_secret: 'TWITCH_CLIENT_SECRET'
+  wheelmap_token: 'WHEELMAP_TOKEN'
+  influx_username: 'INFLUX_USERNAME'
+  influx_password: 'INFLUX_PASSWORD'
--- a/config/default.yml
+++ b/config/default.yml
@@ -0,0 +1,50 @@
+public:
+  bind:
+    address: '::'
+
+  metrics:
+    prometheus:
+      enabled: false
+      endpointEnabled: false
+    influx:
+      enabled: false
+      timeoutMilliseconds: 1000
+      intervalSeconds: 15
+  ssl:
+    isSecure: false
+
+  cors:
+    allowedOrigin: []
+
+  persistence:
+    dir: './private'
+
+  services:
+    github:
+      baseUri: 'https://api.github.com/'
+      debug:
+        enabled: false
+        intervalSeconds: 200
+    trace: false
+
+  cacheHeaders:
+    defaultCacheLengthSeconds: 120
+
+  rateLimit: true
+
+  handleInternalErrors: true
+
+  integrations:
+    default:
+      fetchLimit: '10MB'
+
+    DynamicJson:
+      fetchLimit: '2MB'
+
+    DynamicXml:
+      fetchLimit: '128KB'
+
+    DynamicYaml:
+      fetchLimit: '64KB'
+
+private: {}
--- a/config/development.yml
+++ b/config/development.yml
@@ -0,0 +1,10 @@
+public:
+  bind:
+    address: 'localhost'
+
+  cors:
+    allowedOrigin: ['http://localhost:3000']
+
+  rateLimit: false
+
+  handleInternalErrors: false
--- a/config/local-shields-io-production.template.yml
+++ b/config/local-shields-io-production.template.yml
@@ -0,0 +1,12 @@
+private:
+  # These are the keys which are set on the production servers.
+  gh_client_id: ...
+  gh_client_secret: ...
+  redis_url: ...
+  sentry_dsn: ...
+  shields_secret: ...
+  sl_insight_userUuid: ...
+  sl_insight_apiToken: ...
+  twitch_client_id: ...
+  twitch_client_secret: ...
+  wheelmap_token: ...
--- a/config/local.template.yml
+++ b/config/local.template.yml
@@ -0,0 +1,10 @@
+# Copy this file to `config/local.yml` and fill it in! It will be gitignored.
+
+private:
+  # The possible values are documented in `doc/server-secrets.md`. Note that
+  # you can also set these values through environment variables, which may be
+  # preferable for self hosting.
+  gh_token: '...'
+  twitch_client_id: '...'
+  twitch_client_secret: '...'
+  wheelmap_token: '...'
--- a/config/production.yml
+++ b/config/production.yml
@@ -0,0 +1,3 @@
+public:
+  bind:
+    address: '0.0.0.0'
--- a/config/shields-io-production.yml
+++ b/config/shields-io-production.yml
@@ -0,0 +1,19 @@
+public:
+  metrics:
+    prometheus:
+      enabled: true
+      endpointEnabled: true
+
+  ssl:
+    isSecure: true
+
+  cors:
+    allowedOrigin: ['http://shields.io', 'https://shields.io']
+
+  redirectUrl: 'https://shields.io/'
+
+  rasterUrl: 'https://raster.shields.io'
+
+private:
+  # These are not really private; they should be moved to `public`.
+  shields_ips: ['192.99.59.72', '51.254.114.150', '149.56.96.133']
--- a/config/test.yml
+++ b/config/test.yml
@@ -0,0 +1,12 @@
+public:
+  bind:
+    address: 'localhost'
+    port: 1111
+
+  rateLimit: false
+
+  redirectUrl: 'http://frontend.example.test'
+
+  rasterUrl: 'http://raster.example.test'
+
+  handleInternalErrors: false
--- a/core/badge-urls/make-badge-url.d.ts
+++ b/core/badge-urls/make-badge-url.d.ts
@@ -0,0 +1,108 @@
+export function badgeUrlFromPath({
+  baseUrl,
+  path,
+  queryParams,
+  style,
+  format,
+  longCache,
+}: {
+  baseUrl?: string
+  path: string
+  queryParams: { [k: string]: string | number | boolean }
+  style?: string
+  format?: string
+  longCache?: boolean
+}): string
+
+export function badgeUrlFromPattern({
+  baseUrl,
+  pattern,
+  namedParams,
+  queryParams,
+  style,
+  format,
+  longCache,
+}: {
+  baseUrl?: string
+  pattern: string
+  namedParams: { [k: string]: string }
+  queryParams: { [k: string]: string | number | boolean }
+  style?: string
+  format?: string
+  longCache?: boolean
+}): string
+
+export function encodeField(s: string): string
+
+export function staticBadgeUrl({
+  baseUrl,
+  label,
+  message,
+  color,
+  style,
+  namedLogo,
+  format,
+}: {
+  baseUrl?: string
+  label: string
+  message: string
+  color?: string
+  style?: string
+  namedLogo?: string
+  format?: string
+}): string
+
+export function queryStringStaticBadgeUrl({
+  baseUrl,
+  label,
+  message,
+  color,
+  labelColor,
+  style,
+  namedLogo,
+  logoColor,
+  logoWidth,
+  logoPosition,
+  format,
+}: {
+  baseUrl?: string
+  label: string
+  message: string
+  color?: string
+  labelColor?: string
+  style?: string
+  namedLogo?: string
+  logoColor?: string
+  logoWidth?: number
+  logoPosition?: number
+  format?: string
+}): string
+
+export function dynamicBadgeUrl({
+  baseUrl,
+  datatype,
+  label,
+  dataUrl,
+  query,
+  prefix,
+  suffix,
+  color,
+  style,
+  format,
+}: {
+  baseUrl?: string
+  datatype: string
+  label: string
+  dataUrl: string
+  query: string
+  prefix: string
+  suffix: string
+  color?: string
+  style?: string
+  format?: string
+}): string
+
+export function rasterRedirectUrl(
+  { rasterUrl }: { rasterUrl: string },
+  badgeUrl: string
+): string
--- a/core/badge-urls/make-badge-url.js
+++ b/core/badge-urls/make-badge-url.js
@@ -0,0 +1,160 @@
+'use strict'
+
+const { URL } = require('url')
+const queryString = require('query-string')
+const { compile } = require('path-to-regexp')
+
+function badgeUrlFromPath({
+  baseUrl = '',
+  path,
+  queryParams,
+  style,
+  format = '',
+  longCache = false,
+}) {
+  const outExt = format.length ? `.${format}` : ''
+
+  const outQueryString = queryString.stringify({
+    cacheSeconds: longCache ? '2592000' : undefined,
+    style,
+    ...queryParams,
+  })
+  const suffix = outQueryString ? `?${outQueryString}` : ''
+
+  return `${baseUrl}${path}${outExt}${suffix}`
+}
+
+function badgeUrlFromPattern({
+  baseUrl = '',
+  pattern,
+  namedParams,
+  queryParams,
+  style,
+  format = '',
+  longCache = false,
+}) {
+  const toPath = compile(pattern, {
+    strict: true,
+    sensitive: true,
+    encode: encodeURIComponent,
+  })
+
+  const path = toPath(namedParams)
+
+  return badgeUrlFromPath({
+    baseUrl,
+    path,
+    queryParams,
+    style,
+    format,
+    longCache,
+  })
+}
+
+function encodeField(s) {
+  return encodeURIComponent(s.replace(/-/g, '--').replace(/_/g, '__'))
+}
+
+function staticBadgeUrl({
+  baseUrl = '',
+  label,
+  message,
+  color = 'lightgray',
+  style,
+  namedLogo,
+  format = '',
+}) {
+  const path = [label, message, color].map(encodeField).join('-')
+  const outQueryString = queryString.stringify({
+    style,
+    logo: namedLogo,
+  })
+  const outExt = format.length ? `.${format}` : ''
+  const suffix = outQueryString ? `?${outQueryString}` : ''
+  return `${baseUrl}/badge/${path}${outExt}${suffix}`
+}
+
+function queryStringStaticBadgeUrl({
+  baseUrl = '',
+  label,
+  message,
+  color,
+  labelColor,
+  style,
+  namedLogo,
+  logoColor,
+  logoWidth,
+  logoPosition,
+  format = '',
+}) {
+  // schemaVersion could be a parameter if we iterate on it,
+  // for now it's hardcoded to the only supported version.
+  const schemaVersion = '1'
+  const suffix = `?${queryString.stringify({
+    label,
+    message,
+    color,
+    labelColor,
+    style,
+    logo: namedLogo,
+    logoColor,
+    logoWidth,
+    logoPosition,
+  })}`
+  const outExt = format.length ? `.${format}` : ''
+  return `${baseUrl}/static/v${schemaVersion}${outExt}${suffix}`
+}
+
+function dynamicBadgeUrl({
+  baseUrl,
+  datatype,
+  label,
+  dataUrl,
+  query,
+  prefix,
+  suffix,
+  color,
+  style,
+  format = '',
+}) {
+  const outExt = format.length ? `.${format}` : ''
+
+  const queryParams = {
+    label,
+    url: dataUrl,
+    query,
+    style,
+  }
+
+  if (color) {
+    queryParams.color = color
+  }
+  if (prefix) {
+    queryParams.prefix = prefix
+  }
+  if (suffix) {
+    queryParams.suffix = suffix
+  }
+
+  const outQueryString = queryString.stringify(queryParams)
+  return `${baseUrl}/badge/dynamic/${datatype}${outExt}?${outQueryString}`
+}
+
+function rasterRedirectUrl({ rasterUrl }, badgeUrl) {
+  // Ensure we're always using the `rasterUrl` by using just the path from
+  // the request URL.
+  const { pathname, search } = new URL(badgeUrl, 'https://bogus.test')
+  const result = new URL(pathname, rasterUrl)
+  result.search = search
+  return result
+}
+
+module.exports = {
+  badgeUrlFromPath,
+  badgeUrlFromPattern,
+  encodeField,
+  staticBadgeUrl,
+  queryStringStaticBadgeUrl,
+  dynamicBadgeUrl,
+  rasterRedirectUrl,
+}
--- a/core/badge-urls/make-badge-url.spec.js
+++ b/core/badge-urls/make-badge-url.spec.js
@@ -0,0 +1,157 @@
+'use strict'
+
+const { test, given } = require('sazerac')
+const {
+  badgeUrlFromPath,
+  badgeUrlFromPattern,
+  encodeField,
+  staticBadgeUrl,
+  queryStringStaticBadgeUrl,
+  dynamicBadgeUrl,
+} = require('./make-badge-url')
+
+describe('Badge URL generation functions', function() {
+  test(badgeUrlFromPath, () => {
+    given({
+      baseUrl: 'http://example.com',
+      path: '/npm/v/gh-badges',
+      style: 'flat-square',
+      longCache: true,
+    }).expect(
+      'http://example.com/npm/v/gh-badges?cacheSeconds=2592000&style=flat-square'
+    )
+  })
+
+  test(badgeUrlFromPattern, () => {
+    given({
+      baseUrl: 'http://example.com',
+      pattern: '/npm/v/:packageName',
+      namedParams: { packageName: 'gh-badges' },
+      style: 'flat-square',
+      longCache: true,
+    }).expect(
+      'http://example.com/npm/v/gh-badges?cacheSeconds=2592000&style=flat-square'
+    )
+  })
+
+  test(encodeField, () => {
+    given('foo').expect('foo')
+    given('').expect('')
+    given('happy go lucky').expect('happy%20go%20lucky')
+    given('do-right').expect('do--right')
+    given('it_is_a_snake').expect('it__is__a__snake')
+  })
+
+  test(staticBadgeUrl, () => {
+    given({
+      label: 'foo',
+      message: 'bar',
+      color: 'blue',
+      style: 'flat-square',
+    }).expect('/badge/foo-bar-blue?style=flat-square')
+    given({
+      label: 'foo',
+      message: 'bar',
+      color: 'blue',
+      style: 'flat-square',
+      format: 'png',
+      namedLogo: 'github',
+    }).expect('/badge/foo-bar-blue.png?logo=github&style=flat-square')
+    given({
+      label: 'Hello World',
+      message: 'Привет Мир',
+      color: '#aabbcc',
+    }).expect(
+      '/badge/Hello%20World-%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%20%D0%9C%D0%B8%D1%80-%23aabbcc'
+    )
+    given({
+      label: '123-123',
+      message: 'abc-abc',
+      color: 'blue',
+    }).expect('/badge/123--123-abc--abc-blue')
+    given({
+      label: '123-123',
+      message: '',
+      color: 'blue',
+      style: 'social',
+    }).expect('/badge/123--123--blue?style=social')
+    given({
+      label: '',
+      message: 'blue',
+      color: 'blue',
+    }).expect('/badge/-blue-blue')
+  })
+
+  test(queryStringStaticBadgeUrl, () => {
+    // the query-string library sorts parameters by name
+    given({
+      label: 'foo',
+      message: 'bar',
+      color: 'blue',
+      style: 'flat-square',
+    }).expect('/static/v1?color=blue&label=foo&message=bar&style=flat-square')
+    given({
+      label: 'foo Bar',
+      message: 'bar Baz',
+      color: 'blue',
+      style: 'flat-square',
+      format: 'png',
+      namedLogo: 'github',
+    }).expect(
+      '/static/v1.png?color=blue&label=foo%20Bar&logo=github&message=bar%20Baz&style=flat-square'
+    )
+    given({
+      label: 'Hello World',
+      message: 'Привет Мир',
+      color: '#aabbcc',
+    }).expect(
+      '/static/v1?color=%23aabbcc&label=Hello%20World&message=%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%20%D0%9C%D0%B8%D1%80'
+    )
+  })
+
+  test(dynamicBadgeUrl, () => {
+    const dataUrl = 'http://example.com/foo.json'
+    const query = '$.bar'
+    const prefix = 'value: '
+    given({
+      baseUrl: 'http://img.example.com',
+      datatype: 'json',
+      label: 'foo',
+      dataUrl,
+      query,
+      prefix,
+      style: 'plastic',
+    }).expect(
+      [
+        'http://img.example.com/badge/dynamic/json',
+        '?label=foo',
+        `&prefix=${encodeURIComponent(prefix)}`,
+        `&query=${encodeURIComponent(query)}`,
+        '&style=plastic',
+        `&url=${encodeURIComponent(dataUrl)}`,
+      ].join('')
+    )
+    const suffix = '<- value'
+    const color = 'blue'
+    given({
+      baseUrl: 'http://img.example.com',
+      datatype: 'json',
+      label: 'foo',
+      dataUrl,
+      query,
+      suffix,
+      color,
+      style: 'plastic',
+    }).expect(
+      [
+        'http://img.example.com/badge/dynamic/json',
+        '?color=blue',
+        '&label=foo',
+        `&query=${encodeURIComponent(query)}`,
+        '&style=plastic',
+        `&suffix=${encodeURIComponent(suffix)}`,
+        `&url=${encodeURIComponent(dataUrl)}`,
+      ].join('')
+    )
+  })
+})
--- a/core/badge-urls/path-helpers.js
+++ b/core/badge-urls/path-helpers.js
@@ -0,0 +1,21 @@
+'use strict'
+
+// Escapes `t` using the format specified in
+// <https://github.com/espadrine/gh-badges/issues/12#issuecomment-31518129>
+function escapeFormat(t) {
+  return (
+    t
+      // Inline single underscore.
+      .replace(/([^_])_([^_])/g, '$1 $2')
+      // Leading or trailing underscore.
+      .replace(/([^_])_$/, '$1 ')
+      .replace(/^_([^_])/, ' $1')
+      // Double underscore and double dash.
+      .replace(/__/g, '_')
+      .replace(/--/g, '-')
+  )
+}
+
+module.exports = {
+  escapeFormat,
+}
--- a/core/base-service/auth-helper.js
+++ b/core/base-service/auth-helper.js
@@ -0,0 +1,204 @@
+'use strict'
+
+const { URL } = require('url')
+const { InvalidParameter } = require('./errors')
+
+class AuthHelper {
+  constructor(
+    {
+      userKey,
+      passKey,
+      authorizedOrigins,
+      serviceKey,
+      isRequired = false,
+      defaultToEmptyStringForUser = false,
+    },
+    config
+  ) {
+    if (!userKey && !passKey) {
+      throw Error('Expected userKey or passKey to be set')
+    }
+
+    if (!authorizedOrigins && !serviceKey) {
+      throw Error('Expected authorizedOrigins or serviceKey to be set')
+    }
+
+    this._userKey = userKey
+    this._passKey = passKey
+    if (userKey) {
+      this._user = config.private[userKey]
+    } else {
+      this._user = defaultToEmptyStringForUser ? '' : undefined
+    }
+    this._pass = passKey ? config.private[passKey] : undefined
+    this.isRequired = isRequired
+
+    if (serviceKey !== undefined && !(serviceKey in config.public.services)) {
+      // Keep this as its own error, as it's useful to the programmer as they're
+      // getting auth set up.
+      throw Error(`Service key ${serviceKey} was missing from config schema`)
+    }
+
+    let requireStrictSsl, requireStrictSslToAuthenticate
+    if (serviceKey === undefined) {
+      requireStrictSsl = true
+      requireStrictSslToAuthenticate = true
+    } else {
+      ;({
+        authorizedOrigins,
+        requireStrictSsl = true,
+        requireStrictSslToAuthenticate = true,
+      } = config.public.services[serviceKey])
+    }
+    if (!Array.isArray(authorizedOrigins)) {
+      throw Error('Expected authorizedOrigins to be an array of origins')
+    }
+    this._authorizedOrigins = authorizedOrigins
+    this._requireStrictSsl = requireStrictSsl
+    this._requireStrictSslToAuthenticate = requireStrictSslToAuthenticate
+  }
+
+  get isConfigured() {
+    return (
+      this._authorizedOrigins.length > 0 &&
+      (this._userKey ? Boolean(this._user) : true) &&
+      (this._passKey ? Boolean(this._pass) : true)
+    )
+  }
+
+  get isValid() {
+    if (this.isRequired) {
+      return this.isConfigured
+    } else {
+      const configIsEmpty = !this._user && !this._pass
+      return this.isConfigured || configIsEmpty
+    }
+  }
+
+  static _isInsecureSslRequest({ options = {} }) {
+    const { strictSSL = true } = options
+    return strictSSL !== true
+  }
+
+  enforceStrictSsl({ options = {} }) {
+    if (
+      this._requireStrictSsl &&
+      this.constructor._isInsecureSslRequest({ options })
+    ) {
+      throw new InvalidParameter({ prettyMessage: 'strict ssl is required' })
+    }
+  }
+
+  shouldAuthenticateRequest({ url, options = {} }) {
+    let parsed
+    try {
+      parsed = new URL(url)
+    } catch (e) {
+      throw new InvalidParameter({ prettyMessage: 'invalid url parameter' })
+    }
+
+    const { protocol, host } = parsed
+    const origin = `${protocol}//${host}`
+    const originViolation = !this._authorizedOrigins.includes(origin)
+
+    const strictSslCheckViolation =
+      this._requireStrictSslToAuthenticate &&
+      this.constructor._isInsecureSslRequest({ options })
+
+    return this.isConfigured && !originViolation && !strictSslCheckViolation
+  }
+
+  get _basicAuth() {
+    const { _user: user, _pass: pass } = this
+    return this.isConfigured ? { user, pass } : undefined
+  }
+
+  /*
+   * Helper function for `withBasicAuth()` and friends.
+   */
+  _withAnyAuth(requestParams, mergeAuthFn) {
+    this.enforceStrictSsl(requestParams)
+
+    const shouldAuthenticate = this.shouldAuthenticateRequest(requestParams)
+    if (this.isRequired && !shouldAuthenticate) {
+      throw new InvalidParameter({
+        prettyMessage: 'requested origin not authorized',
+      })
+    }
+
+    return shouldAuthenticate ? mergeAuthFn(requestParams) : requestParams
+  }
+
+  static _mergeAuth(requestParams, auth) {
+    const { options, ...rest } = requestParams
+    return {
+      options: {
+        auth,
+        ...options,
+      },
+      ...rest,
+    }
+  }
+
+  withBasicAuth(requestParams) {
+    return this._withAnyAuth(requestParams, requestParams =>
+      this.constructor._mergeAuth(requestParams, this._basicAuth)
+    )
+  }
+
+  get _bearerAuthHeader() {
+    const { _pass: pass } = this
+    return this.isConfigured ? { Authorization: `Bearer ${pass}` } : undefined
+  }
+
+  static _mergeHeaders(requestParams, headers) {
+    const {
+      options: { headers: existingHeaders, ...restOptions } = {},
+      ...rest
+    } = requestParams
+    return {
+      options: {
+        headers: {
+          ...existingHeaders,
+          ...headers,
+        },
+        ...restOptions,
+      },
+      ...rest,
+    }
+  }
+
+  withBearerAuthHeader(requestParams) {
+    return this._withAnyAuth(requestParams, requestParams =>
+      this.constructor._mergeHeaders(requestParams, this._bearerAuthHeader)
+    )
+  }
+
+  static _mergeQueryParams(requestParams, query) {
+    const {
+      options: { qs: existingQuery, ...restOptions } = {},
+      ...rest
+    } = requestParams
+    return {
+      options: {
+        qs: {
+          ...existingQuery,
+          ...query,
+        },
+        ...restOptions,
+      },
+      ...rest,
+    }
+  }
+
+  withQueryStringAuth({ userKey, passKey }, requestParams) {
+    return this._withAnyAuth(requestParams, requestParams =>
+      this.constructor._mergeQueryParams(requestParams, {
+        ...(userKey ? { [userKey]: this._user } : undefined),
+        ...(passKey ? { [passKey]: this._pass } : undefined),
+      })
+    )
+  }
+}
+
+module.exports = { AuthHelper }
--- a/core/base-service/auth-helper.spec.js
+++ b/core/base-service/auth-helper.spec.js
@@ -0,0 +1,376 @@
+'use strict'
+
+const { expect } = require('chai')
+const { test, given, forCases } = require('sazerac')
+const { AuthHelper } = require('./auth-helper')
+const { InvalidParameter } = require('./errors')
+
+describe('AuthHelper', function() {
+  describe('constructor checks', function() {
+    it('throws without userKey or passKey', function() {
+      expect(() => new AuthHelper({}, {})).to.throw(
+        Error,
+        'Expected userKey or passKey to be set'
+      )
+    })
+    it('throws without serviceKey or authorizedOrigins', function() {
+      expect(
+        () => new AuthHelper({ userKey: 'myci_user', passKey: 'myci_pass' }, {})
+      ).to.throw(Error, 'Expected authorizedOrigins or serviceKey to be set')
+    })
+    it('throws when authorizedOrigins is not an array', function() {
+      expect(
+        () =>
+          new AuthHelper(
+            {
+              userKey: 'myci_user',
+              passKey: 'myci_pass',
+              authorizedOrigins: true,
+            },
+            { private: {} }
+          )
+      ).to.throw(Error, 'Expected authorizedOrigins to be an array of origins')
+    })
+  })
+
+  describe('isValid', function() {
+    function validate(config, privateConfig) {
+      return new AuthHelper(
+        { authorizedOrigins: ['https://example.test'], ...config },
+        { private: privateConfig }
+      ).isValid
+    }
+    test(validate, () => {
+      forCases([
+        // Fully configured user + pass.
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass', isRequired: true },
+          { myci_user: 'admin', myci_pass: 'abc123' }
+        ),
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass' },
+          { myci_user: 'admin', myci_pass: 'abc123' }
+        ),
+        // Fully configured user or pass.
+        given(
+          { userKey: 'myci_user', isRequired: true },
+          { myci_user: 'admin' }
+        ),
+        given(
+          { passKey: 'myci_pass', isRequired: true },
+          { myci_pass: 'abc123' }
+        ),
+        given({ userKey: 'myci_user' }, { myci_user: 'admin' }),
+        given({ passKey: 'myci_pass' }, { myci_pass: 'abc123' }),
+        // Empty config.
+        given({ userKey: 'myci_user', passKey: 'myci_pass' }, {}),
+        given({ userKey: 'myci_user' }, {}),
+        given({ passKey: 'myci_pass' }, {}),
+      ]).expect(true)
+
+      forCases([
+        // Partly configured.
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass', isRequired: true },
+          { myci_user: 'admin' }
+        ),
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass' },
+          { myci_user: 'admin' }
+        ),
+        // Missing required config.
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass', isRequired: true },
+          {}
+        ),
+        given({ userKey: 'myci_user', isRequired: true }, {}),
+        given({ passKey: 'myci_pass', isRequired: true }, {}),
+      ]).expect(false)
+    })
+  })
+
+  describe('_basicAuth', function() {
+    function validate(config, privateConfig) {
+      return new AuthHelper(
+        { authorizedOrigins: ['https://example.test'], ...config },
+        { private: privateConfig }
+      )._basicAuth
+    }
+    test(validate, () => {
+      forCases([
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass', isRequired: true },
+          { myci_user: 'admin', myci_pass: 'abc123' }
+        ),
+        given(
+          { userKey: 'myci_user', passKey: 'myci_pass' },
+          { myci_user: 'admin', myci_pass: 'abc123' }
+        ),
+      ]).expect({ user: 'admin', pass: 'abc123' })
+      given({ userKey: 'myci_user' }, { myci_user: 'admin' }).expect({
+        user: 'admin',
+        pass: undefined,
+      })
+      given({ passKey: 'myci_pass' }, { myci_pass: 'abc123' }).expect({
+        user: undefined,
+        pass: 'abc123',
+      })
+      given({ userKey: 'myci_user', passKey: 'myci_pass' }, {}).expect(
+        undefined
+      )
+      given(
+        { passKey: 'myci_pass', defaultToEmptyStringForUser: true },
+        { myci_pass: 'abc123' }
+      ).expect({
+        user: '',
+        pass: 'abc123',
+      })
+    })
+  })
+
+  describe('_isInsecureSslRequest', function() {
+    test(AuthHelper._isInsecureSslRequest, () => {
+      forCases([
+        given({ url: 'http://example.test' }),
+        given({ url: 'http://example.test', options: {} }),
+        given({ url: 'http://example.test', options: { strictSSL: true } }),
+        given({
+          url: 'http://example.test',
+          options: { strictSSL: undefined },
+        }),
+      ]).expect(false)
+      given({
+        url: 'http://example.test',
+        options: { strictSSL: false },
+      }).expect(true)
+    })
+  })
+
+  describe('enforceStrictSsl', function() {
+    const authConfig = {
+      userKey: 'myci_user',
+      passKey: 'myci_pass',
+      serviceKey: 'myci',
+    }
+
+    context('by default', function() {
+      const authHelper = new AuthHelper(authConfig, {
+        public: {
+          services: { myci: { authorizedOrigins: ['http://myci.test'] } },
+        },
+        private: { myci_user: 'admin', myci_pass: 'abc123' },
+      })
+      it('does not throw for secure requests', function() {
+        expect(() => authHelper.enforceStrictSsl({})).not.to.throw()
+      })
+      it('throws for insecure requests', function() {
+        expect(() =>
+          authHelper.enforceStrictSsl({ options: { strictSSL: false } })
+        ).to.throw(InvalidParameter)
+      })
+    })
+
+    context("when strict SSL isn't required", function() {
+      const authHelper = new AuthHelper(authConfig, {
+        public: {
+          services: {
+            myci: {
+              authorizedOrigins: ['http://myci.test'],
+              requireStrictSsl: false,
+            },
+          },
+        },
+        private: { myci_user: 'admin', myci_pass: 'abc123' },
+      })
+      it('does not throw for secure requests', function() {
+        expect(() => authHelper.enforceStrictSsl({})).not.to.throw()
+      })
+      it('does not throw for insecure requests', function() {
+        expect(() =>
+          authHelper.enforceStrictSsl({ options: { strictSSL: false } })
+        ).not.to.throw()
+      })
+    })
+  })
+
+  describe('shouldAuthenticateRequest', function() {
+    const authConfig = {
+      userKey: 'myci_user',
+      passKey: 'myci_pass',
+      serviceKey: 'myci',
+    }
+
+    context('by default', function() {
+      const authHelper = new AuthHelper(authConfig, {
+        public: {
+          services: {
+            myci: {
+              authorizedOrigins: ['https://myci.test'],
+            },
+          },
+        },
+        private: { myci_user: 'admin', myci_pass: 'abc123' },
+      })
+      const shouldAuthenticateRequest = requestOptions =>
+        authHelper.shouldAuthenticateRequest(requestOptions)
+      describe('a secure request to an authorized origin', function() {
+        test(shouldAuthenticateRequest, () => {
+          given({ url: 'https://myci.test/api' }).expect(true)
+        })
+      })
+      describe('an insecure request', function() {
+        test(shouldAuthenticateRequest, () => {
+          given({
+            url: 'https://myci.test/api',
+            options: { strictSSL: false },
+          }).expect(false)
+        })
+      })
+      describe('a request to an unauthorized origin', function() {
+        test(shouldAuthenticateRequest, () => {
+          forCases([
+            given({ url: 'http://myci.test/api' }),
+            given({ url: 'https://myci.test:12345/api' }),
+            given({ url: 'https://other.test/api' }),
+          ]).expect(false)
+        })
+      })
+    })
+
+    context('when auth over insecure SSL is allowed', function() {
+      const authHelper = new AuthHelper(authConfig, {
+        public: {
+          services: {
+            myci: {
+              authorizedOrigins: ['https://myci.test'],
+              requireStrictSslToAuthenticate: false,
+            },
+          },
+        },
+        private: { myci_user: 'admin', myci_pass: 'abc123' },
+      })
+      const shouldAuthenticateRequest = requestOptions =>
+        authHelper.shouldAuthenticateRequest(requestOptions)
+      describe('a secure request to an authorized origin', function() {
+        test(shouldAuthenticateRequest, () => {
+          given({ url: 'https://myci.test' }).expect(true)
+        })
+      })
+      describe('an insecure request', function() {
+        test(shouldAuthenticateRequest, () => {
+          given({
+            url: 'https://myci.test',
+            options: { strictSSL: false },
+          }).expect(true)
+        })
+      })
+      describe('a request to an unauthorized origin', function() {
+        test(shouldAuthenticateRequest, () => {
+          forCases([
+            given({ url: 'http://myci.test' }),
+            given({ url: 'https://myci.test:12345/' }),
+            given({ url: 'https://other.test' }),
+          ]).expect(false)
+        })
+      })
+    })
+
+    context('when the service is partly configured', function() {
+      const authHelper = new AuthHelper(authConfig, {
+        public: {
+          services: {
+            myci: {
+              authorizedOrigins: ['https://myci.test'],
+              requireStrictSslToAuthenticate: false,
+            },
+          },
+        },
+        private: { myci_user: 'admin' },
+      })
+      const shouldAuthenticateRequest = requestOptions =>
+        authHelper.shouldAuthenticateRequest(requestOptions)
+      describe('a secure request to an authorized origin', function() {
+        test(shouldAuthenticateRequest, () => {
+          given({ url: 'https://myci.test' }).expect(false)
+        })
+      })
+    })
+  })
+
+  describe('withBasicAuth', function() {
+    const authHelper = new AuthHelper(
+      {
+        userKey: 'myci_user',
+        passKey: 'myci_pass',
+        serviceKey: 'myci',
+      },
+      {
+        public: {
+          services: {
+            myci: {
+              authorizedOrigins: ['https://myci.test'],
+            },
+          },
+        },
+        private: { myci_user: 'admin', myci_pass: 'abc123' },
+      }
+    )
+    const withBasicAuth = requestOptions =>
+      authHelper.withBasicAuth(requestOptions)
+
+    describe('authenticates a secure request to an authorized origin', function() {
+      test(withBasicAuth, () => {
+        given({
+          url: 'https://myci.test/api',
+        }).expect({
+          url: 'https://myci.test/api',
+          options: {
+            auth: { user: 'admin', pass: 'abc123' },
+          },
+        })
+        given({
+          url: 'https://myci.test/api',
+          options: {
+            headers: { Accept: 'application/json' },
+          },
+        }).expect({
+          url: 'https://myci.test/api',
+          options: {
+            headers: { Accept: 'application/json' },
+            auth: { user: 'admin', pass: 'abc123' },
+          },
+        })
+      })
+    })
+
+    describe('does not authenticate a request to an unauthorized origin', function() {
+      test(withBasicAuth, () => {
+        given({
+          url: 'https://other.test/api',
+        }).expect({
+          url: 'https://other.test/api',
+        })
+        given({
+          url: 'https://other.test/api',
+          options: {
+            headers: { Accept: 'application/json' },
+          },
+        }).expect({
+          url: 'https://other.test/api',
+          options: {
+            headers: { Accept: 'application/json' },
+          },
+        })
+      })
+    })
+
+    describe('throws on an insecure SSL request', function() {
+      expect(() =>
+        withBasicAuth({
+          url: 'https://myci.test/api',
+          options: { strictSSL: false },
+        })
+      ).to.throw(InvalidParameter)
+    })
+  })
+})
--- a/core/base-service/base-graphql.js
+++ b/core/base-service/base-graphql.js
@@ -0,0 +1,92 @@
+/**
+ * @module
+ */
+
+'use strict'
+
+const { print } = require('graphql/language/printer')
+const BaseService = require('./base')
+const { InvalidResponse, ShieldsRuntimeError } = require('./errors')
+const { parseJson } = require('./json')
+
+function defaultTransformErrors(errors) {
+  return new InvalidResponse({ prettyMessage: errors[0].message })
+}
+
+/**
+ * Services which query a GraphQL endpoint should extend BaseGraphqlService
+ *
+ * @abstract
+ */
+class BaseGraphqlService extends BaseService {
+  /**
+   * Parse data from JSON endpoint
+   *
+   * @param {string} buffer JSON repsonse from upstream API
+   * @returns {object} Parsed response
+   */
+  _parseJson(buffer) {
+    return parseJson(buffer)
+  }
+
+  /**
+   * Request data from an upstream GraphQL API,
+   * parse it and validate against a schema
+   *
+   * @param {object} attrs Refer to individual attrs
+   * @param {Joi} attrs.schema Joi schema to validate the response against
+   * @param {string} attrs.url URL to request
+   * @param {object} attrs.query Parsed GraphQL object
+   *    representing the query clause of GraphQL POST body
+   *    e.g. gql`{ query { ... } }`
+   * @param {object} attrs.variables Variables clause of GraphQL POST body
+   * @param {object} [attrs.options={}] Options to pass to request. See
+   *    [documentation](https://github.com/request/request#requestoptions-callback)
+   * @param {object} [attrs.httpErrorMessages={}] Key-value map of HTTP status codes
+   *    and custom error messages e.g: `{ 404: 'package not found' }`.
+   *    This can be used to extend or override the
+   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {Function} [attrs.transformErrors=defaultTransformErrors]
+   *    Function which takes an errors object from a GraphQL
+   *    response and returns an instance of ShieldsRuntimeError.
+   *    The default is to return the first entry of the `errors` array as
+   *    an InvalidResponse.
+   * @returns {object} Parsed response
+   * @see https://github.com/request/request#requestoptions-callback
+   */
+  async _requestGraphql({
+    schema,
+    url,
+    query,
+    variables = {},
+    options = {},
+    httpErrorMessages = {},
+    transformErrors = defaultTransformErrors,
+  }) {
+    const mergedOptions = {
+      ...{ headers: { Accept: 'application/json' } },
+      ...options,
+    }
+    mergedOptions.method = 'POST'
+    mergedOptions.body = JSON.stringify({ query: print(query), variables })
+    const { buffer } = await this._request({
+      url,
+      options: mergedOptions,
+      errorMessages: httpErrorMessages,
+    })
+    const json = this._parseJson(buffer)
+    if (json.errors) {
+      const exception = transformErrors(json.errors)
+      if (exception instanceof ShieldsRuntimeError) {
+        throw exception
+      } else {
+        throw Error(
+          `transformErrors() must return a ShieldsRuntimeError; got ${exception}`
+        )
+      }
+    }
+    return this.constructor._validate(json, schema)
+  }
+}
+
+module.exports = BaseGraphqlService
--- a/core/base-service/base-graphql.spec.js
+++ b/core/base-service/base-graphql.spec.js
@@ -0,0 +1,209 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const { expect } = require('chai')
+const gql = require('graphql-tag')
+const sinon = require('sinon')
+const BaseGraphqlService = require('./base-graphql')
+const { InvalidResponse } = require('./errors')
+
+const dummySchema = Joi.object({
+  requiredString: Joi.string().required(),
+}).required()
+
+class DummyGraphqlService extends BaseGraphqlService {
+  static get category() {
+    return 'cat'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+    }
+  }
+
+  async handle() {
+    const { requiredString } = await this._requestGraphql({
+      schema: dummySchema,
+      url: 'http://example.com/graphql',
+      query: gql`
+        query {
+          requiredString
+        }
+      `,
+    })
+    return { message: requiredString }
+  }
+}
+
+describe('BaseGraphqlService', function() {
+  describe('Making requests', function() {
+    let sendAndCacheRequest
+    beforeEach(function() {
+      sendAndCacheRequest = sinon.stub().returns(
+        Promise.resolve({
+          buffer: '{"some": "json"}',
+          res: { statusCode: 200 },
+        })
+      )
+    })
+
+    it('invokes _sendAndCacheRequest', async function() {
+      await DummyGraphqlService.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/graphql',
+        {
+          body: '{"query":"{\\n  requiredString\\n}\\n","variables":{}}',
+          headers: { Accept: 'application/json' },
+          method: 'POST',
+        }
+      )
+    })
+
+    it('forwards options to _sendAndCacheRequest', async function() {
+      class WithOptions extends DummyGraphqlService {
+        async handle() {
+          const { value } = await this._requestGraphql({
+            schema: dummySchema,
+            url: 'http://example.com/graphql',
+            query: gql`
+              query {
+                requiredString
+              }
+            `,
+            options: { qs: { queryParam: 123 } },
+          })
+          return { message: value }
+        }
+      }
+
+      await WithOptions.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/graphql',
+        {
+          body: '{"query":"{\\n  requiredString\\n}\\n","variables":{}}',
+          headers: { Accept: 'application/json' },
+          method: 'POST',
+          qs: { queryParam: 123 },
+        }
+      )
+    })
+  })
+
+  describe('Making badges', function() {
+    it('handles valid json responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '{"requiredString": "some-string"}',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyGraphqlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'some-string',
+      })
+    })
+
+    it('handles json responses which do not match the schema', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '{"unexpectedKey": "some-string"}',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyGraphqlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'invalid response data',
+      })
+    })
+
+    it('handles unparseable json responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: 'not json',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyGraphqlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'unparseable json response',
+      })
+    })
+  })
+
+  describe('Error handling', function() {
+    it('handles generic error', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '{ "errors": [ { "message": "oh noes!!" } ] }',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyGraphqlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'oh noes!!',
+      })
+    })
+
+    it('handles custom error', async function() {
+      class WithErrorHandler extends DummyGraphqlService {
+        async handle() {
+          const { requiredString } = await this._requestGraphql({
+            schema: dummySchema,
+            url: 'http://example.com/graphql',
+            query: gql`
+              query {
+                requiredString
+              }
+            `,
+            transformErrors: function(errors) {
+              if (errors[0].message === 'oh noes!!') {
+                return new InvalidResponse({
+                  prettyMessage: 'a terrible thing has happened',
+                })
+              }
+            },
+          })
+          return { message: requiredString }
+        }
+      }
+
+      const sendAndCacheRequest = async () => ({
+        buffer: '{ "errors": [ { "message": "oh noes!!" } ] }',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await WithErrorHandler.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'a terrible thing has happened',
+      })
+    })
+  })
+})
--- a/core/base-service/base-json.js
+++ b/core/base-service/base-json.js
@@ -0,0 +1,57 @@
+/**
+ * @module
+ */
+
+'use strict'
+
+const BaseService = require('./base')
+const { parseJson } = require('./json')
+
+/**
+ * Services which query a JSON endpoint should extend BaseJsonService
+ *
+ * @abstract
+ */
+class BaseJsonService extends BaseService {
+  /**
+   * Parse data from JSON endpoint
+   *
+   * @param {string} buffer JSON repsonse from upstream API
+   * @returns {object} Parsed response
+   */
+  _parseJson(buffer) {
+    return parseJson(buffer)
+  }
+
+  /**
+   * Request data from an upstream API serving JSON,
+   * parse it and validate against a schema
+   *
+   * @param {object} attrs Refer to individual attrs
+   * @param {Joi} attrs.schema Joi schema to validate the response against
+   * @param {string} attrs.url URL to request
+   * @param {object} [attrs.options={}] Options to pass to request. See
+   *    [documentation](https://github.com/request/request#requestoptions-callback)
+   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   *    and custom error messages e.g: `{ 404: 'package not found' }`.
+   *    This can be used to extend or override the
+   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @returns {object} Parsed response
+   * @see https://github.com/request/request#requestoptions-callback
+   */
+  async _requestJson({ schema, url, options = {}, errorMessages = {} }) {
+    const mergedOptions = {
+      ...{ headers: { Accept: 'application/json' } },
+      ...options,
+    }
+    const { buffer } = await this._request({
+      url,
+      options: mergedOptions,
+      errorMessages,
+    })
+    const json = this._parseJson(buffer)
+    return this.constructor._validate(json, schema)
+  }
+}
+
+module.exports = BaseJsonService
--- a/core/base-service/base-json.spec.js
+++ b/core/base-service/base-json.spec.js
@@ -0,0 +1,136 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const { expect } = require('chai')
+const sinon = require('sinon')
+const BaseJsonService = require('./base-json')
+
+const dummySchema = Joi.object({
+  requiredString: Joi.string().required(),
+}).required()
+
+class DummyJsonService extends BaseJsonService {
+  static get category() {
+    return 'cat'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+    }
+  }
+
+  async handle() {
+    const { requiredString } = await this._requestJson({
+      schema: dummySchema,
+      url: 'http://example.com/foo.json',
+    })
+    return { message: requiredString }
+  }
+}
+
+describe('BaseJsonService', function() {
+  describe('Making requests', function() {
+    let sendAndCacheRequest
+    beforeEach(function() {
+      sendAndCacheRequest = sinon.stub().returns(
+        Promise.resolve({
+          buffer: '{"some": "json"}',
+          res: { statusCode: 200 },
+        })
+      )
+    })
+
+    it('invokes _sendAndCacheRequest', async function() {
+      await DummyJsonService.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.json',
+        {
+          headers: { Accept: 'application/json' },
+        }
+      )
+    })
+
+    it('forwards options to _sendAndCacheRequest', async function() {
+      class WithOptions extends DummyJsonService {
+        async handle() {
+          const { value } = await this._requestJson({
+            schema: dummySchema,
+            url: 'http://example.com/foo.json',
+            options: { method: 'POST', qs: { queryParam: 123 } },
+          })
+          return { message: value }
+        }
+      }
+
+      await WithOptions.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.json',
+        {
+          headers: { Accept: 'application/json' },
+          method: 'POST',
+          qs: { queryParam: 123 },
+        }
+      )
+    })
+  })
+
+  describe('Making badges', function() {
+    it('handles valid json responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '{"requiredString": "some-string"}',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyJsonService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'some-string',
+      })
+    })
+
+    it('handles json responses which do not match the schema', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '{"unexpectedKey": "some-string"}',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyJsonService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'invalid response data',
+      })
+    })
+
+    it('handles unparseable json responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: 'not json',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyJsonService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'unparseable json response',
+      })
+    })
+  })
+})
--- a/core/base-service/base-non-memory-caching.js
+++ b/core/base-service/base-non-memory-caching.js
@@ -0,0 +1,74 @@
+'use strict'
+
+const makeBadge = require('../../gh-badges/lib/make-badge')
+const BaseService = require('./base')
+const { MetricHelper } = require('./metric-helper')
+const { setCacheHeaders } = require('./cache-headers')
+const { makeSend } = require('./legacy-result-sender')
+const coalesceBadge = require('./coalesce-badge')
+const { prepareRoute, namedParamsForMatch } = require('./route')
+
+// Badges are subject to two independent types of caching: in-memory and
+// downstream.
+//
+// Services deriving from `NonMemoryCachingBaseService` are not cached in
+// memory on the server. This means that each request that hits the server
+// triggers another call to the handler. When using badges for server
+// diagnostics, that's useful!
+//
+// In contrast, The `handle()` function of most other `BaseService`
+// subclasses is wrapped in onboard, in-memory caching. See `lib /request-
+// handler.js` and `BaseService.prototype.register()`.
+//
+// All services, including those extending NonMemoryCachingBaseServices, may
+// be cached _downstream_. This is governed by cache headers, which are
+// configured by the service, the user's request, and the server's default
+// cache length.
+module.exports = class NonMemoryCachingBaseService extends BaseService {
+  static register({ camp, metricInstance }, serviceConfig) {
+    const { cacheHeaders: cacheHeaderConfig } = serviceConfig
+    const { _cacheLength: serviceDefaultCacheLengthSeconds } = this
+    const { regex, captureNames } = prepareRoute(this.route)
+
+    const metricHelper = MetricHelper.create({
+      metricInstance,
+      ServiceClass: this,
+    })
+
+    camp.route(regex, async (queryParams, match, end, ask) => {
+      const metricHandle = metricHelper.startRequest()
+
+      const namedParams = namedParamsForMatch(captureNames, match, this)
+      const serviceData = await this.invoke(
+        {},
+        serviceConfig,
+        namedParams,
+        queryParams
+      )
+
+      const badgeData = coalesceBadge(
+        queryParams,
+        serviceData,
+        this.defaultBadgeData,
+        this
+      )
+
+      // The final capture group is the extension.
+      const format = (match.slice(-1)[0] || '.svg').replace(/^\./, '')
+      badgeData.format = format
+
+      const svg = makeBadge(badgeData)
+
+      setCacheHeaders({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds,
+        queryParams,
+        res: ask.res,
+      })
+
+      makeSend(format, ask.res, end)(svg)
+
+      metricHandle.noteResponseSent()
+    })
+  }
+}
--- a/core/base-service/base-static.js
+++ b/core/base-service/base-static.js
@@ -0,0 +1,60 @@
+'use strict'
+
+const makeBadge = require('../../gh-badges/lib/make-badge')
+const BaseService = require('./base')
+const {
+  serverHasBeenUpSinceResourceCached,
+  setCacheHeadersForStaticResource,
+} = require('./cache-headers')
+const { makeSend } = require('./legacy-result-sender')
+const { MetricHelper } = require('./metric-helper')
+const coalesceBadge = require('./coalesce-badge')
+const { prepareRoute, namedParamsForMatch } = require('./route')
+
+module.exports = class BaseStaticService extends BaseService {
+  static register({ camp, metricInstance }, serviceConfig) {
+    const { regex, captureNames } = prepareRoute(this.route)
+
+    const metricHelper = MetricHelper.create({
+      metricInstance,
+      ServiceClass: this,
+    })
+
+    camp.route(regex, async (queryParams, match, end, ask) => {
+      if (serverHasBeenUpSinceResourceCached(ask.req)) {
+        // Send Not Modified.
+        ask.res.statusCode = 304
+        ask.res.end()
+        return
+      }
+
+      const metricHandle = metricHelper.startRequest()
+
+      const namedParams = namedParamsForMatch(captureNames, match, this)
+      const serviceData = await this.invoke(
+        {},
+        serviceConfig,
+        namedParams,
+        queryParams
+      )
+
+      const badgeData = coalesceBadge(
+        queryParams,
+        serviceData,
+        this.defaultBadgeData,
+        this
+      )
+
+      // The final capture group is the extension.
+      const format = (match.slice(-1)[0] || '.svg').replace(/^\./, '')
+      badgeData.format = format
+
+      setCacheHeadersForStaticResource(ask.res)
+
+      const svg = makeBadge(badgeData)
+      makeSend(format, ask.res, end)(svg)
+
+      metricHandle.noteResponseSent()
+    })
+  }
+}
--- a/core/base-service/base-svg-scraping.js
+++ b/core/base-service/base-svg-scraping.js
@@ -0,0 +1,93 @@
+/**
+ * @module
+ */
+
+'use strict'
+
+// See available emoji at http://emoji.muan.co/
+const emojic = require('emojic')
+const BaseService = require('./base')
+const trace = require('./trace')
+const { InvalidResponse } = require('./errors')
+
+const defaultValueMatcher = />([^<>]+)<\/text><\/g>/
+const leadingWhitespace = /(?:\r\n\s*|\r\s*|\n\s*)/g
+
+/**
+ * Services which scrape data from another SVG badge
+ * should extend BaseSvgScrapingService
+ *
+ * @abstract
+ */
+class BaseSvgScrapingService extends BaseService {
+  /**
+   * Extract a value from SVG
+   *
+   * @param {string} svg SVG to parse
+   * @param {RegExp} [valueMatcher=defaultValueMatcher]
+   *    RegExp to match the value we want to parse from the SVG
+   * @returns {string} Matched value
+   */
+  static valueFromSvgBadge(svg, valueMatcher = defaultValueMatcher) {
+    if (typeof svg !== 'string') {
+      throw new TypeError('Parameter should be a string')
+    }
+    const stripped = svg.replace(leadingWhitespace, '')
+    const match = valueMatcher.exec(stripped)
+    if (match) {
+      return match[1]
+    } else {
+      throw new InvalidResponse({
+        prettyMessage: 'unparseable svg response',
+        underlyingError: Error(`Can't get value from SVG:\n${svg}`),
+      })
+    }
+  }
+
+  /**
+   * Request data from an endpoint serving SVG,
+   * parse a value from it and validate against a schema
+   *
+   * @param {object} attrs Refer to individual attrs
+   * @param {Joi} attrs.schema Joi schema to validate the response against
+   * @param {RegExp} attrs.valueMatcher
+   *    RegExp to match the value we want to parse from the SVG
+   * @param {string} attrs.url URL to request
+   * @param {object} [attrs.options={}] Options to pass to request. See
+   *    [documentation](https://github.com/request/request#requestoptions-callback)
+   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   *    and custom error messages e.g: `{ 404: 'package not found' }`.
+   *    This can be used to extend or override the
+   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @returns {object} Parsed response
+   * @see https://github.com/request/request#requestoptions-callback
+   */
+  async _requestSvg({
+    schema,
+    valueMatcher,
+    url,
+    options = {},
+    errorMessages = {},
+  }) {
+    const logTrace = (...args) => trace.logTrace('fetch', ...args)
+    const mergedOptions = {
+      ...{ headers: { Accept: 'image/svg+xml' } },
+      ...options,
+    }
+    const { buffer } = await this._request({
+      url,
+      options: mergedOptions,
+      errorMessages,
+    })
+    logTrace(emojic.dart, 'Response SVG', buffer)
+    const data = {
+      message: this.constructor.valueFromSvgBadge(buffer, valueMatcher),
+    }
+    logTrace(emojic.dart, 'Response SVG (before validation)', data, {
+      deep: true,
+    })
+    return this.constructor._validate(data, schema)
+  }
+}
+
+module.exports = BaseSvgScrapingService
--- a/core/base-service/base-svg-scraping.spec.js
+++ b/core/base-service/base-svg-scraping.spec.js
@@ -0,0 +1,169 @@
+'use strict'
+
+const { expect } = require('chai')
+const sinon = require('sinon')
+const Joi = require('@hapi/joi')
+const makeBadge = require('../../gh-badges/lib/make-badge')
+const BaseSvgScrapingService = require('./base-svg-scraping')
+
+function makeExampleSvg({ label, message }) {
+  return makeBadge({ text: ['this is the label', 'this is the result!'] })
+}
+
+const schema = Joi.object({
+  message: Joi.string().required(),
+}).required()
+
+class DummySvgScrapingService extends BaseSvgScrapingService {
+  static get category() {
+    return 'cat'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+    }
+  }
+
+  async handle() {
+    return this._requestSvg({
+      schema,
+      url: 'http://example.com/foo.svg',
+    })
+  }
+}
+
+describe('BaseSvgScrapingService', function() {
+  const exampleLabel = 'this is the label'
+  const exampleMessage = 'this is the result!'
+  const exampleSvg = makeExampleSvg({
+    label: exampleLabel,
+    message: exampleMessage,
+  })
+
+  describe('valueFromSvgBadge', function() {
+    it('should find the correct value', function() {
+      expect(BaseSvgScrapingService.valueFromSvgBadge(exampleSvg)).to.equal(
+        exampleMessage
+      )
+    })
+  })
+
+  describe('Making requests', function() {
+    let sendAndCacheRequest
+    beforeEach(function() {
+      sendAndCacheRequest = sinon.stub().returns(
+        Promise.resolve({
+          buffer: exampleSvg,
+          res: { statusCode: 200 },
+        })
+      )
+    })
+
+    it('invokes _sendAndCacheRequest with the expected header', async function() {
+      await DummySvgScrapingService.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.svg',
+        {
+          headers: { Accept: 'image/svg+xml' },
+        }
+      )
+    })
+
+    it('forwards options to _sendAndCacheRequest', async function() {
+      class WithCustomOptions extends DummySvgScrapingService {
+        async handle() {
+          const { message } = await this._requestSvg({
+            schema,
+            url: 'http://example.com/foo.svg',
+            options: {
+              method: 'POST',
+              qs: { queryParam: 123 },
+            },
+          })
+          return { message }
+        }
+      }
+
+      await WithCustomOptions.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.svg',
+        {
+          method: 'POST',
+          headers: { Accept: 'image/svg+xml' },
+          qs: { queryParam: 123 },
+        }
+      )
+    })
+  })
+
+  describe('Making badges', function() {
+    it('handles valid svg responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: exampleSvg,
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummySvgScrapingService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: exampleMessage,
+      })
+    })
+
+    it('allows overriding the valueMatcher', async function() {
+      class WithValueMatcher extends BaseSvgScrapingService {
+        static get route() {
+          return {}
+        }
+
+        async handle() {
+          return this._requestSvg({
+            schema,
+            valueMatcher: />([^<>]+)<\/desc>/,
+            url: 'http://example.com/foo.svg',
+          })
+        }
+      }
+      const sendAndCacheRequest = async () => ({
+        buffer: '<desc>a different message</desc>',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await WithValueMatcher.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'a different message',
+      })
+    })
+
+    it('handles unparseable svg responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: 'not svg yo',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummySvgScrapingService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'unparseable svg response',
+      })
+    })
+  })
+})
--- a/core/base-service/base-xml.js
+++ b/core/base-service/base-xml.js
@@ -0,0 +1,71 @@
+/**
+ * @module
+ */
+
+'use strict'
+
+// See available emoji at http://emoji.muan.co/
+const emojic = require('emojic')
+const fastXmlParser = require('fast-xml-parser')
+const BaseService = require('./base')
+const trace = require('./trace')
+const { InvalidResponse } = require('./errors')
+
+/**
+ * Services which query a XML endpoint should extend BaseXmlService
+ *
+ * @abstract
+ */
+class BaseXmlService extends BaseService {
+  /**
+   * Request data from an upstream API serving XML,
+   * parse it and validate against a schema
+   *
+   * @param {object} attrs Refer to individual attrs
+   * @param {Joi} attrs.schema Joi schema to validate the response against
+   * @param {string} attrs.url URL to request
+   * @param {object} [attrs.options={}] Options to pass to request. See
+   *    [documentation](https://github.com/request/request#requestoptions-callback)
+   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   *    and custom error messages e.g: `{ 404: 'package not found' }`.
+   *    This can be used to extend or override the
+   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.parserOptions={}] Options to pass to fast-xml-parser. See
+   *    [documentation](https://github.com/NaturalIntelligence/fast-xml-parser#xml-to-json)
+   * @returns {object} Parsed response
+   * @see https://github.com/request/request#requestoptions-callback
+   * @see https://github.com/NaturalIntelligence/fast-xml-parser#xml-to-json
+   */
+  async _requestXml({
+    schema,
+    url,
+    options = {},
+    errorMessages = {},
+    parserOptions = {},
+  }) {
+    const logTrace = (...args) => trace.logTrace('fetch', ...args)
+    const mergedOptions = {
+      ...{ headers: { Accept: 'application/xml, text/xml' } },
+      ...options,
+    }
+    const { buffer } = await this._request({
+      url,
+      options: mergedOptions,
+      errorMessages,
+    })
+    const validateResult = fastXmlParser.validate(buffer)
+    if (validateResult !== true) {
+      throw new InvalidResponse({
+        prettyMessage: 'unparseable xml response',
+        underlyingError: validateResult.err,
+      })
+    }
+    const xml = fastXmlParser.parse(buffer, parserOptions)
+    logTrace(emojic.dart, 'Response XML (before validation)', xml, {
+      deep: true,
+    })
+    return this.constructor._validate(xml, schema)
+  }
+}
+
+module.exports = BaseXmlService
--- a/core/base-service/base-xml.spec.js
+++ b/core/base-service/base-xml.spec.js
@@ -0,0 +1,167 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const { expect } = require('chai')
+const sinon = require('sinon')
+const BaseXmlService = require('./base-xml')
+
+const dummySchema = Joi.object({
+  requiredString: Joi.string().required(),
+}).required()
+
+class DummyXmlService extends BaseXmlService {
+  static get category() {
+    return 'cat'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+    }
+  }
+
+  async handle() {
+    const { requiredString } = await this._requestXml({
+      schema: dummySchema,
+      url: 'http://example.com/foo.xml',
+    })
+    return { message: requiredString }
+  }
+}
+
+describe('BaseXmlService', function() {
+  describe('Making requests', function() {
+    let sendAndCacheRequest
+    beforeEach(function() {
+      sendAndCacheRequest = sinon.stub().returns(
+        Promise.resolve({
+          buffer: '<requiredString>some-string</requiredString>',
+          res: { statusCode: 200 },
+        })
+      )
+    })
+
+    it('invokes _sendAndCacheRequest', async function() {
+      await DummyXmlService.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.xml',
+        {
+          headers: { Accept: 'application/xml, text/xml' },
+        }
+      )
+    })
+
+    it('forwards options to _sendAndCacheRequest', async function() {
+      class WithCustomOptions extends BaseXmlService {
+        static get route() {
+          return {}
+        }
+
+        async handle() {
+          const { requiredString } = await this._requestXml({
+            schema: dummySchema,
+            url: 'http://example.com/foo.xml',
+            options: { method: 'POST', qs: { queryParam: 123 } },
+          })
+          return { message: requiredString }
+        }
+      }
+
+      await WithCustomOptions.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.xml',
+        {
+          headers: { Accept: 'application/xml, text/xml' },
+          method: 'POST',
+          qs: { queryParam: 123 },
+        }
+      )
+    })
+  })
+
+  describe('Making badges', function() {
+    it('handles valid xml responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '<requiredString>some-string</requiredString>',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyXmlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'some-string',
+      })
+    })
+
+    it('parses XML response with custom parser options', async function() {
+      const customParserOption = { trimValues: false }
+      class DummyXmlServiceWithParserOption extends DummyXmlService {
+        async handle() {
+          const { requiredString } = await this._requestXml({
+            schema: dummySchema,
+            url: 'http://example.com/foo.xml',
+            parserOptions: customParserOption,
+          })
+          return { message: requiredString }
+        }
+      }
+      const sendAndCacheRequest = async () => ({
+        buffer:
+          '<requiredString>some-string with trailing whitespace   </requiredString>',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyXmlServiceWithParserOption.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'some-string with trailing whitespace   ',
+      })
+    })
+
+    it('handles xml responses which do not match the schema', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '<unexpectedAttribute>some-string</unexpectedAttribute>',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyXmlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'invalid response data',
+      })
+    })
+
+    it('handles unparseable xml responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: 'not xml',
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyXmlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'unparseable xml response',
+      })
+    })
+  })
+})
--- a/core/base-service/base-yaml.js
+++ b/core/base-service/base-yaml.js
@@ -0,0 +1,75 @@
+/**
+ * @module
+ */
+
+'use strict'
+
+const emojic = require('emojic')
+const yaml = require('js-yaml')
+const BaseService = require('./base')
+const { InvalidResponse } = require('./errors')
+const trace = require('./trace')
+
+/**
+ * Services which query a YAML endpoint should extend BaseYamlService
+ *
+ * @abstract
+ */
+class BaseYamlService extends BaseService {
+  /**
+   * Request data from an upstream API serving YAML,
+   * parse it and validate against a schema
+   *
+   * @param {object} attrs Refer to individual attrs
+   * @param {Joi} attrs.schema Joi schema to validate the response against
+   * @param {string} attrs.url URL to request
+   * @param {object} [attrs.options={}] Options to pass to request. See
+   *    [documentation](https://github.com/request/request#requestoptions-callback)
+   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   *    and custom error messages e.g: `{ 404: 'package not found' }`.
+   *    This can be used to extend or override the
+   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.encoding='utf8'] Character encoding
+   * @returns {object} Parsed response
+   * @see https://github.com/request/request#requestoptions-callback
+   */
+  async _requestYaml({
+    schema,
+    url,
+    options = {},
+    errorMessages = {},
+    encoding = 'utf8',
+  }) {
+    const logTrace = (...args) => trace.logTrace('fetch', ...args)
+    const mergedOptions = {
+      ...{
+        headers: {
+          Accept:
+            'text/x-yaml, text/yaml, application/x-yaml, application/yaml, text/plain',
+        },
+      },
+      ...options,
+    }
+    const { buffer } = await this._request({
+      url,
+      options: mergedOptions,
+      errorMessages,
+    })
+    let parsed
+    try {
+      parsed = yaml.safeLoad(buffer.toString(), encoding)
+    } catch (err) {
+      logTrace(emojic.dart, 'Response YAML (unparseable)', buffer)
+      throw new InvalidResponse({
+        prettyMessage: 'unparseable yaml response',
+        underlyingError: err,
+      })
+    }
+    logTrace(emojic.dart, 'Response YAML (before validation)', parsed, {
+      deep: true,
+    })
+    return this.constructor._validate(parsed, schema)
+  }
+}
+
+module.exports = BaseYamlService
--- a/core/base-service/base-yaml.spec.js
+++ b/core/base-service/base-yaml.spec.js
@@ -0,0 +1,158 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const { expect } = require('chai')
+const sinon = require('sinon')
+const BaseYamlService = require('./base-yaml')
+
+const dummySchema = Joi.object({
+  requiredString: Joi.string().required(),
+}).required()
+
+class DummyYamlService extends BaseYamlService {
+  static get category() {
+    return 'cat'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+    }
+  }
+
+  async handle() {
+    const { requiredString } = await this._requestYaml({
+      schema: dummySchema,
+      url: 'http://example.com/foo.yaml',
+    })
+    return { message: requiredString }
+  }
+}
+
+const expectedYaml = `
+---
+requiredString: some-string
+`
+
+const unexpectedYaml = `
+---
+unexpectedKey: some-string
+`
+
+const invalidYaml = `
+---
+foo: bar
+foo: baz
+`
+
+describe('BaseYamlService', function() {
+  describe('Making requests', function() {
+    let sendAndCacheRequest
+    beforeEach(function() {
+      sendAndCacheRequest = sinon.stub().returns(
+        Promise.resolve({
+          buffer: expectedYaml,
+          res: { statusCode: 200 },
+        })
+      )
+    })
+
+    it('invokes _sendAndCacheRequest', async function() {
+      await DummyYamlService.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.yaml',
+        {
+          headers: {
+            Accept:
+              'text/x-yaml, text/yaml, application/x-yaml, application/yaml, text/plain',
+          },
+        }
+      )
+    })
+
+    it('forwards options to _sendAndCacheRequest', async function() {
+      class WithOptions extends DummyYamlService {
+        async handle() {
+          const { requiredString } = await this._requestYaml({
+            schema: dummySchema,
+            url: 'http://example.com/foo.yaml',
+            options: { method: 'POST', qs: { queryParam: 123 } },
+          })
+          return { message: requiredString }
+        }
+      }
+
+      await WithOptions.invoke(
+        { sendAndCacheRequest },
+        { handleInternalErrors: false }
+      )
+
+      expect(sendAndCacheRequest).to.have.been.calledOnceWith(
+        'http://example.com/foo.yaml',
+        {
+          headers: {
+            Accept:
+              'text/x-yaml, text/yaml, application/x-yaml, application/yaml, text/plain',
+          },
+          method: 'POST',
+          qs: { queryParam: 123 },
+        }
+      )
+    })
+  })
+
+  describe('Making badges', function() {
+    it('handles valid yaml responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: expectedYaml,
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyYamlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        message: 'some-string',
+      })
+    })
+
+    it('handles yaml responses which do not match the schema', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: unexpectedYaml,
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyYamlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'invalid response data',
+      })
+    })
+
+    it('handles unparseable yaml responses', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: invalidYaml,
+        res: { statusCode: 200 },
+      })
+      expect(
+        await DummyYamlService.invoke(
+          { sendAndCacheRequest },
+          { handleInternalErrors: false }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        message: 'unparseable yaml response',
+      })
+    })
+  })
+})
--- a/core/base-service/base.js
+++ b/core/base-service/base.js
@@ -0,0 +1,572 @@
+'use strict'
+/**
+ * @module
+ */
+
+const bytes = require('bytes')
+// See available emoji at http://emoji.muan.co/
+const emojic = require('emojic')
+const Joi = require('@hapi/joi')
+const log = require('../server/log')
+const { AuthHelper } = require('./auth-helper')
+const { MetricHelper, MetricNames } = require('./metric-helper')
+const { assertValidCategory } = require('./categories')
+const checkErrorResponse = require('./check-error-response')
+const coalesceBadge = require('./coalesce-badge')
+const {
+  NotFound,
+  InvalidResponse,
+  Inaccessible,
+  ImproperlyConfigured,
+  InvalidParameter,
+  Deprecated,
+} = require('./errors')
+const { validateExample, transformExample } = require('./examples')
+const {
+  makeFullUrl,
+  assertValidRoute,
+  prepareRoute,
+  namedParamsForMatch,
+  getQueryParamNames,
+} = require('./route')
+const { assertValidServiceDefinition } = require('./service-definitions')
+const trace = require('./trace')
+const validate = require('./validate')
+
+const defaultBadgeDataSchema = Joi.object({
+  label: Joi.string(),
+  color: Joi.string(),
+  labelColor: Joi.string(),
+  namedLogo: Joi.string(),
+}).required()
+
+const optionalStringWhenNamedLogoPresent = Joi.alternatives().conditional(
+  'namedLogo',
+  {
+    is: Joi.string().required(),
+    then: Joi.string(),
+  }
+)
+
+const optionalNumberWhenAnyLogoPresent = Joi.alternatives()
+  .conditional('namedLogo', { is: Joi.string().required(), then: Joi.number() })
+  .conditional('logoSvg', { is: Joi.string().required(), then: Joi.number() })
+
+const serviceDataSchema = Joi.object({
+  isError: Joi.boolean(),
+  label: Joi.string().allow(''),
+  // While a number of badges pass a number here, in the long run we may want
+  // `render()` to always return a string.
+  message: Joi.alternatives(Joi.string().allow(''), Joi.number()).required(),
+  color: Joi.string(),
+  link: Joi.array()
+    .items(Joi.string().uri())
+    .single()
+    .max(2),
+  // Generally services should not use these options, which are provided to
+  // support the Endpoint badge.
+  labelColor: Joi.string(),
+  namedLogo: Joi.string(),
+  logoSvg: Joi.string(),
+  logoColor: optionalStringWhenNamedLogoPresent,
+  logoWidth: optionalNumberWhenAnyLogoPresent,
+  logoPosition: optionalNumberWhenAnyLogoPresent,
+  cacheSeconds: Joi.number()
+    .integer()
+    .min(0),
+  style: Joi.string(),
+})
+  .oxor('namedLogo', 'logoSvg')
+  .required()
+
+/**
+ * Abstract base class which all service classes inherit from.
+ * Concrete implementations of BaseService must implement the methods
+ * category(), route() and handle(namedParams, queryParams)
+ */
+class BaseService {
+  /**
+   * Name of the category to sort this badge into (eg. "build"). Used to sort
+   * the badges on the main shields.io website.
+   *
+   * @abstract
+   * @type {string}
+   */
+  static get category() {
+    throw new Error(`Category not set for ${this.name}`)
+  }
+
+  static get isDeprecated() {
+    return false
+  }
+
+  /**
+   * Route to mount this service on
+   *
+   * @abstract
+   * @type {module:core/base-service/base~Route}
+   */
+  static get route() {
+    throw new Error(`Route not defined for ${this.name}`)
+  }
+
+  /**
+   * Configuration for the authentication helper that prepares credentials
+   * for upstream requests.
+   *
+   * See also the config schema in `./server.js` and `doc/server-secrets.md`.
+   *
+   * To use the configured auth in the handler or fetch method, pass the
+   * credentials to the request. For example:
+   * - `{ options: { auth: this.authHelper.basicAuth } }`
+   * - `{ options: { headers: this.authHelper.bearerAuthHeader } }`
+   * - `{ options: { qs: { token: this.authHelper.pass } } }`
+   *
+   * @abstract
+   * @type {module:core/base-service/base~Auth}
+   */
+  static get auth() {
+    return undefined
+  }
+
+  /**
+   * Array of Example objects describing example URLs for this service.
+   * These should use the format specified in `route`,
+   * and can be used to demonstrate how to use badges for this service.
+   *
+   * The preferred way to specify an example is with `namedParams` which are
+   * substituted into the service's compiled route pattern. The rendered badge
+   * is specified with `staticPreview`.
+   *
+   * For services which use a route `format`, the `pattern` can be specified as
+   * part of the example.
+   *
+   * @see {@link module:core/base-service/base~Example}
+   * @abstract
+   * @type {module:core/base-service/base~Example[]}
+   */
+  static get examples() {
+    return []
+  }
+
+  static get _cacheLength() {
+    const cacheLengths = {
+      build: 30,
+      license: 3600,
+      version: 300,
+      debug: 60,
+    }
+    return cacheLengths[this.category]
+  }
+
+  /**
+   * Default data for the badge.
+   * These defaults are used if the value is neither included in the service data
+   * from the handler nor overridden by the user via query parameters.
+   *
+   * @type {module:core/base-service/base~DefaultBadgeData}
+   */
+  static get defaultBadgeData() {
+    return {}
+  }
+
+  static render(props) {
+    throw new Error(`render() function not implemented for ${this.name}`)
+  }
+
+  static validateDefinition() {
+    assertValidCategory(this.category, `Category for ${this.name}`)
+
+    assertValidRoute(this.route, `Route for ${this.name}`)
+
+    Joi.assert(
+      this.defaultBadgeData,
+      defaultBadgeDataSchema,
+      `Default badge data for ${this.name}`
+    )
+
+    this.examples.forEach((example, index) =>
+      validateExample(example, index, this)
+    )
+  }
+
+  static getDefinition() {
+    const { category, name, isDeprecated } = this
+    const { base, format, pattern } = this.route
+    const queryParams = getQueryParamNames(this.route)
+
+    const examples = this.examples.map((example, index) =>
+      transformExample(example, index, this)
+    )
+
+    let route
+    if (pattern) {
+      route = { pattern: makeFullUrl(base, pattern), queryParams }
+    } else if (format) {
+      route = { format, queryParams }
+    } else {
+      route = undefined
+    }
+
+    const result = { category, name, isDeprecated, route, examples }
+
+    assertValidServiceDefinition(result, `getDefinition() for ${this.name}`)
+
+    return result
+  }
+
+  constructor(
+    { sendAndCacheRequest, authHelper, metricHelper },
+    { handleInternalErrors }
+  ) {
+    this._requestFetcher = sendAndCacheRequest
+    this.authHelper = authHelper
+    this._handleInternalErrors = handleInternalErrors
+    this._metricHelper = metricHelper
+  }
+
+  async _request({ url, options = {}, errorMessages = {} }) {
+    const logTrace = (...args) => trace.logTrace('fetch', ...args)
+    logTrace(emojic.bowAndArrow, 'Request', url, '\n', options)
+    const { res, buffer } = await this._requestFetcher(url, options)
+    await this._meterResponse(res, buffer)
+    logTrace(emojic.dart, 'Response status code', res.statusCode)
+    return checkErrorResponse(errorMessages)({ buffer, res })
+  }
+
+  static get enabledMetrics() {
+    return []
+  }
+
+  static isMetricEnabled(metricName) {
+    return this.enabledMetrics.includes(metricName)
+  }
+
+  async _meterResponse(res, buffer) {
+    if (
+      this._metricHelper &&
+      this.constructor.isMetricEnabled(MetricNames.SERVICE_RESPONSE_SIZE) &&
+      res.statusCode === 200
+    ) {
+      this._metricHelper.noteServiceResponseSize(buffer.length)
+    }
+  }
+
+  static _validate(
+    data,
+    schema,
+    {
+      prettyErrorMessage = 'invalid response data',
+      includeKeys = false,
+      allowAndStripUnknownKeys = true,
+    } = {}
+  ) {
+    return validate(
+      {
+        ErrorClass: InvalidResponse,
+        prettyErrorMessage,
+        includeKeys,
+        traceErrorMessage: 'Response did not match schema',
+        traceSuccessMessage: 'Response after validation',
+        allowAndStripUnknownKeys,
+      },
+      data,
+      schema
+    )
+  }
+
+  /**
+   * Asynchronous function to handle requests for this service. Take the route
+   * parameters (as defined in the `route` property), perform a request using
+   * `this._sendAndCacheRequest`, and return the badge data.
+   *
+   * @abstract
+   * @param {object} namedParams Params parsed from route pattern
+   *    defined in this.route.pattern or this.route.capture
+   * @param {object} queryParams Params parsed from the query string
+   * @returns {module:core/base-service/base~Badge}
+   *    badge Object validated against serviceDataSchema
+   */
+  async handle(namedParams, queryParams) {
+    throw new Error(`Handler not implemented for ${this.constructor.name}`)
+  }
+
+  // Making this an instance method ensures debuggability.
+  // https://github.com/badges/shields/issues/3784
+  _validateServiceData(serviceData) {
+    Joi.assert(serviceData, serviceDataSchema)
+  }
+
+  _handleError(error) {
+    if (error instanceof NotFound || error instanceof InvalidParameter) {
+      trace.logTrace('outbound', emojic.noGoodWoman, 'Handled error', error)
+      return {
+        isError: true,
+        message: error.prettyMessage,
+        color: 'red',
+      }
+    } else if (
+      error instanceof ImproperlyConfigured ||
+      error instanceof InvalidResponse ||
+      error instanceof Inaccessible ||
+      error instanceof Deprecated
+    ) {
+      trace.logTrace('outbound', emojic.noGoodWoman, 'Handled error', error)
+      return {
+        isError: true,
+        message: error.prettyMessage,
+        color: 'lightgray',
+      }
+    } else if (this._handleInternalErrors) {
+      if (
+        !trace.logTrace(
+          'unhandledError',
+          emojic.boom,
+          'Unhandled internal error',
+          error
+        )
+      ) {
+        // This is where we end up if an unhandled exception is thrown in
+        // production. Send the error to Sentry and the logs.
+        log.error(error)
+      }
+      return {
+        isError: true,
+        label: 'shields',
+        message: 'internal error',
+        color: 'lightgray',
+      }
+    } else {
+      trace.logTrace(
+        'unhandledError',
+        emojic.boom,
+        'Unhandled internal error',
+        error
+      )
+      throw error
+    }
+  }
+
+  static async invoke(
+    context = {},
+    config = {},
+    namedParams = {},
+    queryParams = {}
+  ) {
+    trace.logTrace('inbound', emojic.womanCook, 'Service class', this.name)
+    trace.logTrace('inbound', emojic.ticket, 'Named params', namedParams)
+    trace.logTrace('inbound', emojic.crayon, 'Query params', queryParams)
+
+    // Like the service instance, the auth helper could be reused for each request.
+    // However, moving its instantiation to `register()` makes `invoke()` harder
+    // to test.
+    const authHelper = this.auth ? new AuthHelper(this.auth, config) : undefined
+
+    const serviceInstance = new this({ ...context, authHelper }, config)
+
+    let serviceError
+    if (authHelper && !authHelper.isValid) {
+      const prettyMessage = authHelper.isRequired
+        ? 'credentials have not been configured'
+        : 'credentials are misconfigured'
+      serviceError = new ImproperlyConfigured({ prettyMessage })
+    }
+
+    const { queryParamSchema } = this.route
+    let transformedQueryParams
+    if (!serviceError && queryParamSchema) {
+      try {
+        transformedQueryParams = validate(
+          {
+            ErrorClass: InvalidParameter,
+            prettyErrorMessage: 'invalid query parameter',
+            includeKeys: true,
+            traceErrorMessage: 'Query params did not match schema',
+            traceSuccessMessage: 'Query params after validation',
+          },
+          queryParams,
+          queryParamSchema
+        )
+        trace.logTrace(
+          'inbound',
+          emojic.crayon,
+          'Query params after validation',
+          queryParams
+        )
+      } catch (error) {
+        serviceError = error
+      }
+    } else {
+      transformedQueryParams = {}
+    }
+
+    let serviceData
+    if (!serviceError) {
+      try {
+        serviceData = await serviceInstance.handle(
+          namedParams,
+          transformedQueryParams
+        )
+        serviceInstance._validateServiceData(serviceData)
+      } catch (error) {
+        serviceError = error
+      }
+    }
+
+    if (serviceError) {
+      serviceData = serviceInstance._handleError(serviceError)
+    }
+
+    trace.logTrace('outbound', emojic.shield, 'Service data', serviceData)
+
+    return serviceData
+  }
+
+  static register(
+    { camp, handleRequest, githubApiProvider, metricInstance },
+    serviceConfig
+  ) {
+    const { cacheHeaders: cacheHeaderConfig, fetchLimit } = serviceConfig
+    const fetchLimitBytes = bytes.parse(fetchLimit)
+    const { regex, captureNames } = prepareRoute(this.route)
+    const queryParams = getQueryParamNames(this.route)
+
+    const metricHelper = MetricHelper.create({
+      metricInstance,
+      ServiceClass: this,
+    })
+
+    camp.route(
+      regex,
+      handleRequest(cacheHeaderConfig, {
+        queryParams,
+        handler: async (queryParams, match, sendBadge, request) => {
+          const metricHandle = metricHelper.startRequest()
+
+          const namedParams = namedParamsForMatch(captureNames, match, this)
+          const serviceData = await this.invoke(
+            {
+              sendAndCacheRequest: request.asPromise,
+              sendAndCacheRequestWithCallbacks: request,
+              githubApiProvider,
+              metricHelper,
+            },
+            serviceConfig,
+            namedParams,
+            queryParams
+          )
+
+          const badgeData = coalesceBadge(
+            queryParams,
+            serviceData,
+            this.defaultBadgeData,
+            this
+          )
+          // The final capture group is the extension.
+          const format = (match.slice(-1)[0] || '.svg').replace(/^\./, '')
+          sendBadge(format, badgeData)
+
+          metricHandle.noteResponseSent()
+        },
+        cacheLength: this._cacheLength,
+        fetchLimitBytes,
+      })
+    )
+  }
+}
+
+/**
+ * Default badge properties, validated against defaultBadgeDataSchema
+ *
+ * @typedef {object} DefaultBadgeData
+ * @property {string} label (Optional)
+ * @property {string} color (Optional)
+ * @property {string} labelColor (Optional)
+ * @property {string} namedLogo (Optional)
+ */
+
+/**
+ * Badge Object, validated against serviceDataSchema
+ *
+ * @typedef {object} Badge
+ * @property {boolean} isError (Optional)
+ * @property {string} label (Optional)
+ * @property {(string|number)} message
+ * @property {string} color (Optional)
+ * @property {string[]} link (Optional)
+ */
+
+/**
+ * @typedef {object} Route
+ * @property {string} base
+ *    (Optional) The base path of the routes for this service.
+ *    This is used as a prefix.
+ * @property {string} pattern
+ *    A path-to-regexp pattern defining the route pattern and param names
+ *    See {@link https://www.npmjs.com/package/path-to-regexp}
+ * @property {RegExp} format
+ *    Deprecated: Regular expression to use for routes for this service's badges
+ *    Use `pattern` instead
+ * @property {string[]} capture
+ *    Deprecated: Array of names for the capture groups in the regular
+ *    expression. The handler will be passed an object containing
+ *    the matches.
+ *    Use `pattern` instead
+ * @property {Joi.object} queryParamSchema
+ *    (Optional) A Joi schema (`Joi.object({ ... }).required()`)
+ *    for the query param object. If you know a parameter
+ *    will never receive a numeric string, you can use
+ *    `Joi.string()`. Because of quirks in Scoutcamp and Joi,
+ *    alphanumeric strings should be declared using
+ *    `Joi.alternatives().try(Joi.string(), Joi.number())`,
+ *    otherwise a value like `?success_color=999` will fail.
+ *    A parameter requiring a numeric string can use
+ *    `Joi.number()`. A parameter that receives only non-numeric
+ *    strings can use `Joi.string()`. A parameter that never
+ *    receives numeric can use `Joi.string()`. A boolean
+ *    parameter should use `Joi.equal('')` and will receive an
+ *    empty string on e.g. `?compact_message` and undefined
+ *    when the parameter is absent. (Note that in,
+ *    `examples.queryParams` boolean query params should be given
+ *    `null` values.)
+ */
+
+/**
+ * @typedef {object} Auth
+ * @property {string} userKey
+ *    (Optional) The key from `privateConfig` to use as the username.
+ * @property {string} passKey
+ *    (Optional) The key from `privateConfig` to use as the password.
+ *    If auth is configured, either `userKey` or `passKey` is required.
+ * @property {string} isRequired
+ *    (Optional) If `true`, the service will return `NotFound` unless the
+ *    configured credentials are present.
+ */
+
+/**
+ * @typedef {object} Example
+ * @property {string} title
+ *    Descriptive text that will be shown next to the badge. The default
+ *    is to use the service class name, which probably is not what you want.
+ * @property {object} namedParams
+ *    An object containing the values of named parameters to
+ *    substitute into the compiled route pattern.
+ * @property {object} queryParams
+ *    An object containing query parameters to include in the
+ *    example URLs. For alphanumeric query parameters, specify a string value.
+ *    For boolean query parameters, specify `null`.
+ * @property {string} pattern
+ *    The route pattern to compile. Defaults to `this.route.pattern`.
+ * @property {object} staticPreview
+ *    A rendered badge of the sort returned by `handle()` or
+ *    `render()`: an object containing `message` and optional `label` and
+ *    `color`. This is usually generated by invoking `this.render()` with some
+ *    explicit props.
+ * @property {string[]} keywords
+ *    Additional keywords, other than words in the title. This helps
+ *    users locate relevant badges.
+ * @property {string} documentation
+ *    An HTML string that is included in the badge popup.
+ */
+
+module.exports = BaseService
--- a/core/base-service/base.spec.js
+++ b/core/base-service/base.spec.js
@@ -0,0 +1,623 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const chai = require('chai')
+const { expect } = chai
+const sinon = require('sinon')
+const prometheus = require('prom-client')
+const PrometheusMetrics = require('../server/prometheus-metrics')
+const trace = require('./trace')
+const {
+  NotFound,
+  Inaccessible,
+  InvalidResponse,
+  InvalidParameter,
+  Deprecated,
+} = require('./errors')
+const BaseService = require('./base')
+const { MetricHelper, MetricNames } = require('./metric-helper')
+require('../register-chai-plugins.spec')
+chai.use(require('chai-as-promised'))
+
+const queryParamSchema = Joi.object({
+  queryParamA: Joi.string(),
+})
+  .rename('legacyQueryParamA', 'queryParamA', {
+    ignoreUndefined: true,
+    override: true,
+  })
+  .required()
+
+class DummyService extends BaseService {
+  static get category() {
+    return 'other'
+  }
+
+  static get route() {
+    return {
+      base: 'foo',
+      pattern: ':namedParamA',
+      queryParamSchema,
+    }
+  }
+
+  static get examples() {
+    return [
+      {
+        pattern: ':world',
+        namedParams: { world: 'World' },
+        staticPreview: this.render({ namedParamA: 'foo', queryParamA: 'bar' }),
+        keywords: ['hello'],
+      },
+    ]
+  }
+
+  static get defaultBadgeData() {
+    return { label: 'cat', namedLogo: 'appveyor' }
+  }
+
+  static render({ namedParamA, queryParamA }) {
+    return {
+      message: `Hello namedParamA: ${namedParamA} with queryParamA: ${queryParamA}`,
+    }
+  }
+
+  async handle({ namedParamA }, { queryParamA }) {
+    return this.constructor.render({ namedParamA, queryParamA })
+  }
+}
+
+class DummyServiceWithServiceResponseSizeMetricEnabled extends DummyService {
+  static get enabledMetrics() {
+    return [MetricNames.SERVICE_RESPONSE_SIZE]
+  }
+}
+
+describe('BaseService', function() {
+  const defaultConfig = {
+    public: {
+      handleInternalErrors: false,
+      services: {},
+    },
+    private: {},
+  }
+
+  it('Invokes the handler as expected', async function() {
+    expect(
+      await DummyService.invoke(
+        {},
+        defaultConfig,
+        { namedParamA: 'bar.bar.bar' },
+        { queryParamA: '!' }
+      )
+    ).to.deep.equal({
+      message: 'Hello namedParamA: bar.bar.bar with queryParamA: !',
+    })
+  })
+
+  it('Validates query params', async function() {
+    expect(
+      await DummyService.invoke(
+        {},
+        defaultConfig,
+        { namedParamA: 'bar.bar.bar' },
+        { queryParamA: ['foo', 'bar'] }
+      )
+    ).to.deep.equal({
+      color: 'red',
+      isError: true,
+      message: 'invalid query parameter: queryParamA',
+    })
+  })
+
+  describe('Required overrides', function() {
+    it('Should throw if render() is not overridden', function() {
+      expect(() => BaseService.render()).to.throw(
+        /^render\(\) function not implemented for BaseService$/
+      )
+    })
+
+    it('Should throw if route is not overridden', function() {
+      return expect(BaseService.invoke({}, {}, {})).to.be.rejectedWith(
+        /^Route not defined for BaseService$/
+      )
+    })
+
+    class WithRoute extends BaseService {
+      static get route() {
+        return {}
+      }
+    }
+    it('Should throw if handle() is not overridden', function() {
+      return expect(WithRoute.invoke({}, {}, {})).to.be.rejectedWith(
+        /^Handler not implemented for WithRoute$/
+      )
+    })
+
+    it('Should throw if category is not overridden', function() {
+      expect(() => BaseService.category).to.throw(
+        /^Category not set for BaseService$/
+      )
+    })
+  })
+
+  describe('Logging', function() {
+    let sandbox
+    beforeEach(function() {
+      sandbox = sinon.createSandbox()
+    })
+    afterEach(function() {
+      sandbox.restore()
+    })
+    beforeEach(function() {
+      sandbox.stub(trace, 'logTrace')
+    })
+    it('Invokes the logger as expected', async function() {
+      await DummyService.invoke(
+        {},
+        defaultConfig,
+        { namedParamA: 'bar.bar.bar' },
+        { queryParamA: '!' }
+      )
+      expect(trace.logTrace).to.be.calledWithMatch(
+        'inbound',
+        sinon.match.string,
+        'Service class',
+        'DummyService'
+      )
+      expect(trace.logTrace).to.be.calledWith(
+        'inbound',
+        sinon.match.string,
+        'Named params',
+        { namedParamA: 'bar.bar.bar' }
+      )
+      expect(trace.logTrace).to.be.calledWith(
+        'inbound',
+        sinon.match.string,
+        'Query params after validation',
+        { queryParamA: '!' }
+      )
+    })
+  })
+
+  describe('Service data validation', function() {
+    it('Allows a link array', async function() {
+      const message = 'hello'
+      const link = ['https://example.com/', 'https://other.example.com/']
+      class LinkService extends DummyService {
+        async handle() {
+          return { message, link }
+        }
+      }
+
+      const serviceData = await LinkService.invoke(
+        {},
+        { handleInternalErrors: false },
+        { namedParamA: 'bar.bar.bar' }
+      )
+
+      expect(serviceData).to.deep.equal({
+        message,
+        link,
+      })
+    })
+
+    context('On invalid data', function() {
+      class ThrowingService extends DummyService {
+        async handle() {
+          return {
+            some: 'nonsense',
+          }
+        }
+      }
+
+      it('Throws a validation error on invalid data', async function() {
+        try {
+          await ThrowingService.invoke(
+            {},
+            { handleInternalErrors: false },
+            { namedParamA: 'bar.bar.bar' }
+          )
+          expect.fail('Expected to throw')
+        } catch (e) {
+          expect(e.name).to.equal('ValidationError')
+          expect(e.details.map(({ message }) => message)).to.deep.equal([
+            '"message" is required',
+          ])
+        }
+      })
+
+      // Ensure debuggabillity.
+      // https://github.com/badges/shields/issues/3784
+      it('Includes the service class in the stack trace', async function() {
+        try {
+          await ThrowingService.invoke(
+            {},
+            { handleInternalErrors: false },
+            { namedParamA: 'bar.bar.bar' }
+          )
+          expect.fail('Expected to throw')
+        } catch (e) {
+          expect(e.stack).to.include('ThrowingService._validateServiceData')
+        }
+      })
+    })
+  })
+
+  describe('Error handling', function() {
+    it('Handles internal errors', async function() {
+      class ThrowingService extends DummyService {
+        async handle() {
+          throw Error("I've made a huge mistake")
+        }
+      }
+      expect(
+        await ThrowingService.invoke(
+          {},
+          { handleInternalErrors: true },
+          { namedParamA: 'bar.bar.bar' }
+        )
+      ).to.deep.equal({
+        isError: true,
+        color: 'lightgray',
+        label: 'shields',
+        message: 'internal error',
+      })
+    })
+
+    describe('Handles known subtypes of ShieldsInternalError', function() {
+      it('handles NotFound errors', async function() {
+        class ThrowingService extends DummyService {
+          async handle() {
+            throw new NotFound()
+          }
+        }
+        expect(
+          await ThrowingService.invoke({}, {}, { namedParamA: 'bar.bar.bar' })
+        ).to.deep.equal({
+          isError: true,
+          color: 'red',
+          message: 'not found',
+        })
+      })
+
+      it('handles Inaccessible errors', async function() {
+        class ThrowingService extends DummyService {
+          async handle() {
+            throw new Inaccessible()
+          }
+        }
+        expect(
+          await ThrowingService.invoke({}, {}, { namedParamA: 'bar.bar.bar' })
+        ).to.deep.equal({
+          isError: true,
+          color: 'lightgray',
+          message: 'inaccessible',
+        })
+      })
+
+      it('handles InvalidResponse errors', async function() {
+        class ThrowingService extends DummyService {
+          async handle() {
+            throw new InvalidResponse()
+          }
+        }
+        expect(
+          await ThrowingService.invoke({}, {}, { namedParamA: 'bar.bar.bar' })
+        ).to.deep.equal({
+          isError: true,
+          color: 'lightgray',
+          message: 'invalid',
+        })
+      })
+
+      it('handles Deprecated', async function() {
+        class ThrowingService extends DummyService {
+          async handle() {
+            throw new Deprecated()
+          }
+        }
+        expect(
+          await ThrowingService.invoke({}, {}, { namedParamA: 'bar.bar.bar' })
+        ).to.deep.equal({
+          isError: true,
+          color: 'lightgray',
+          message: 'no longer available',
+        })
+      })
+
+      it('handles InvalidParameter errors', async function() {
+        class ThrowingService extends DummyService {
+          async handle() {
+            throw new InvalidParameter()
+          }
+        }
+        expect(
+          await ThrowingService.invoke({}, {}, { namedParamA: 'bar.bar.bar' })
+        ).to.deep.equal({
+          isError: true,
+          color: 'red',
+          message: 'invalid parameter',
+        })
+      })
+    })
+  })
+
+  describe('ScoutCamp integration', function() {
+    // TODO Strangly, without the useless escape the regexes do not match in Node 12.
+    // eslint-disable-next-line no-useless-escape
+    const expectedRouteRegex = /^\/foo\/([^\/]+?)(|\.svg|\.json)$/
+
+    let mockCamp
+    let mockHandleRequest
+
+    beforeEach(function() {
+      mockCamp = {
+        route: sinon.spy(),
+      }
+      mockHandleRequest = sinon.spy()
+      DummyService.register(
+        { camp: mockCamp, handleRequest: mockHandleRequest },
+        defaultConfig
+      )
+    })
+
+    it('registers the service', function() {
+      expect(mockCamp.route).to.have.been.calledOnce
+      expect(mockCamp.route).to.have.been.calledWith(expectedRouteRegex)
+    })
+
+    it('handles the request', async function() {
+      expect(mockHandleRequest).to.have.been.calledOnce
+
+      const {
+        queryParams: serviceQueryParams,
+        handler: requestHandler,
+      } = mockHandleRequest.getCall(0).args[1]
+      expect(serviceQueryParams).to.deep.equal([
+        'queryParamA',
+        'legacyQueryParamA',
+      ])
+
+      const mockSendBadge = sinon.spy()
+      const mockRequest = {
+        asPromise: sinon.spy(),
+      }
+      const queryParams = { queryParamA: '?' }
+      const match = '/foo/bar.svg'.match(expectedRouteRegex)
+      await requestHandler(queryParams, match, mockSendBadge, mockRequest)
+
+      const expectedFormat = 'svg'
+      expect(mockSendBadge).to.have.been.calledOnce
+      expect(mockSendBadge).to.have.been.calledWith(expectedFormat, {
+        text: ['cat', 'Hello namedParamA: bar with queryParamA: ?'],
+        color: 'lightgrey',
+        template: undefined,
+        namedLogo: undefined,
+        logo: undefined,
+        logoWidth: undefined,
+        logoPosition: undefined,
+        links: [],
+        labelColor: undefined,
+        cacheLengthSeconds: undefined,
+      })
+    })
+  })
+
+  describe('getDefinition', function() {
+    it('returns the expected result', function() {
+      const {
+        category,
+        name,
+        isDeprecated,
+        route,
+        examples,
+      } = DummyService.getDefinition()
+      expect({
+        category,
+        name,
+        isDeprecated,
+        route,
+      }).to.deep.equal({
+        category: 'other',
+        name: 'DummyService',
+        isDeprecated: false,
+        route: {
+          pattern: '/foo/:namedParamA',
+          queryParams: ['queryParamA', 'legacyQueryParamA'],
+        },
+      })
+      // The in-depth tests for examples reside in examples.spec.js
+      expect(examples).to.have.lengthOf(1)
+    })
+  })
+
+  describe('validate', function() {
+    const dummySchema = Joi.object({
+      requiredString: Joi.string().required(),
+    }).required()
+
+    it('throws error for invalid responses', function() {
+      expect(() =>
+        DummyService._validate(
+          { requiredString: ['this', "shouldn't", 'work'] },
+          dummySchema
+        )
+      )
+        .to.throw()
+        .instanceof(InvalidResponse)
+    })
+  })
+
+  describe('request', function() {
+    let sandbox
+    beforeEach(function() {
+      sandbox = sinon.createSandbox()
+    })
+    afterEach(function() {
+      sandbox.restore()
+    })
+    beforeEach(function() {
+      sandbox.stub(trace, 'logTrace')
+    })
+
+    it('logs appropriate information', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '',
+        res: { statusCode: 200 },
+      })
+      const serviceInstance = new DummyService(
+        { sendAndCacheRequest },
+        defaultConfig
+      )
+
+      const url = 'some-url'
+      const options = { headers: { Cookie: 'some-cookie' } }
+      await serviceInstance._request({ url, options })
+
+      expect(trace.logTrace).to.be.calledWithMatch(
+        'fetch',
+        sinon.match.string,
+        'Request',
+        url,
+        '\n',
+        options
+      )
+      expect(trace.logTrace).to.be.calledWithMatch(
+        'fetch',
+        sinon.match.string,
+        'Response status code',
+        200
+      )
+    })
+
+    it('handles errors', async function() {
+      const sendAndCacheRequest = async () => ({
+        buffer: '',
+        res: { statusCode: 404 },
+      })
+      const serviceInstance = new DummyService(
+        { sendAndCacheRequest },
+        defaultConfig
+      )
+
+      try {
+        await serviceInstance._request({})
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(NotFound)
+        expect(e.message).to.equal('Not Found')
+        expect(e.prettyMessage).to.equal('not found')
+      }
+    })
+  })
+
+  describe('Metrics', function() {
+    let register
+    beforeEach(function() {
+      register = new prometheus.Registry()
+    })
+    const url = 'some-url'
+
+    it('service response size metric is optional', async function() {
+      const metricHelper = MetricHelper.create({
+        metricInstance: new PrometheusMetrics({ register }),
+        ServiceClass: DummyServiceWithServiceResponseSizeMetricEnabled,
+      })
+      const sendAndCacheRequest = async () => ({
+        buffer: 'x'.repeat(65536 + 1),
+        res: { statusCode: 200 },
+      })
+      const serviceInstance = new DummyServiceWithServiceResponseSizeMetricEnabled(
+        { sendAndCacheRequest, metricHelper },
+        defaultConfig
+      )
+
+      await serviceInstance._request({ url })
+
+      expect(register.getSingleMetricAsString('service_response_bytes'))
+        .to.contain(
+          'service_response_bytes_bucket{le="65536",category="other",family="undefined",service="dummy_service_with_service_response_size_metric_enabled"} 0\n'
+        )
+        .and.to.contain(
+          'service_response_bytes_bucket{le="131072",category="other",family="undefined",service="dummy_service_with_service_response_size_metric_enabled"} 1\n'
+        )
+    })
+
+    it('service response size metric is disabled by default', async function() {
+      const metricHelper = MetricHelper.create({
+        metricInstance: new PrometheusMetrics({ register }),
+        ServiceClass: DummyService,
+      })
+      const sendAndCacheRequest = async () => ({
+        buffer: 'x',
+        res: { statusCode: 200 },
+      })
+      const serviceInstance = new DummyService(
+        { sendAndCacheRequest, metricHelper },
+        defaultConfig
+      )
+
+      await serviceInstance._request({ url })
+
+      expect(
+        register.getSingleMetricAsString('service_response_bytes')
+      ).to.not.contain('service_response_bytes_bucket')
+    })
+  })
+  describe('auth', function() {
+    class AuthService extends DummyService {
+      static get auth() {
+        return {
+          passKey: 'myci_pass',
+          serviceKey: 'myci',
+          isRequired: true,
+        }
+      }
+
+      async handle() {
+        return {
+          message: `The CI password is ${this.authHelper._pass}`,
+        }
+      }
+    }
+
+    it('when auth is configured properly, invoke() sets authHelper', async function() {
+      expect(
+        await AuthService.invoke(
+          {},
+          {
+            public: {
+              ...defaultConfig.public,
+              services: { myci: { authorizedOrigins: ['https://myci.test'] } },
+            },
+            private: { myci_pass: 'abc123' },
+          },
+          { namedParamA: 'bar.bar.bar' }
+        )
+      ).to.deep.equal({ message: 'The CI password is abc123' })
+    })
+
+    it('when auth is not configured properly, invoke() returns inacessible', async function() {
+      expect(
+        await AuthService.invoke(
+          {},
+          {
+            public: {
+              ...defaultConfig.public,
+              services: { myci: { authorizedOrigins: ['https://myci.test'] } },
+            },
+            private: {},
+          },
+          {
+            namedParamA: 'bar.bar.bar',
+          }
+        )
+      ).to.deep.equal({
+        color: 'lightgray',
+        isError: true,
+        message: 'credentials have not been configured',
+      })
+    })
+  })
+})
--- a/core/base-service/cache-headers.js
+++ b/core/base-service/cache-headers.js
@@ -0,0 +1,115 @@
+'use strict'
+
+const assert = require('assert')
+const Joi = require('@hapi/joi')
+const coalesce = require('./coalesce')
+
+const serverStartTimeGMTString = new Date().toGMTString()
+const serverStartTimestamp = Date.now()
+
+const isOptionalNonNegativeInteger = Joi.number()
+  .integer()
+  .min(0)
+
+const queryParamSchema = Joi.object({
+  cacheSeconds: isOptionalNonNegativeInteger,
+  maxAge: isOptionalNonNegativeInteger,
+})
+  .oxor('cacheSeconds', 'maxAge')
+  .unknown(true)
+  .required()
+
+function overrideCacheLengthFromQueryParams(queryParams) {
+  try {
+    const {
+      cacheSeconds: overrideCacheLength,
+      maxAge: legacyOverrideCacheLength,
+    } = Joi.attempt(queryParams, queryParamSchema)
+    return coalesce(overrideCacheLength, legacyOverrideCacheLength)
+  } catch (e) {
+    return undefined
+  }
+}
+
+function coalesceCacheLength({
+  cacheHeaderConfig,
+  serviceDefaultCacheLengthSeconds,
+  serviceOverrideCacheLengthSeconds,
+  queryParams,
+}) {
+  const { defaultCacheLengthSeconds } = cacheHeaderConfig
+  // The config returns a number so this should never happen. But this logic
+  // would be completely broken if it did.
+  assert(defaultCacheLengthSeconds !== undefined)
+
+  const cacheLength = coalesce(
+    serviceDefaultCacheLengthSeconds,
+    defaultCacheLengthSeconds
+  )
+
+  // Overrides can apply _more_ caching, but not less. Query param overriding
+  // can request more overriding than service override, but not less.
+  const candidateOverrides = [
+    serviceOverrideCacheLengthSeconds,
+    overrideCacheLengthFromQueryParams(queryParams),
+  ].filter(x => x !== undefined)
+
+  return Math.max(cacheLength, ...candidateOverrides)
+}
+
+function setHeadersForCacheLength(res, cacheLengthSeconds) {
+  const now = new Date()
+  const nowGMTString = now.toGMTString()
+
+  // Send both Cache-Control max-age and Expires in case the client implements
+  // HTTP/1.0 but not HTTP/1.1.
+  let cacheControl, expires
+  if (cacheLengthSeconds === 0) {
+    // Prevent as much downstream caching as possible.
+    cacheControl = 'no-cache, no-store, must-revalidate'
+    expires = nowGMTString
+  } else {
+    cacheControl = `max-age=${cacheLengthSeconds}`
+    expires = new Date(now.getTime() + cacheLengthSeconds * 1000).toGMTString()
+  }
+
+  res.setHeader('Date', nowGMTString)
+  res.setHeader('Cache-Control', cacheControl)
+  res.setHeader('Expires', expires)
+}
+
+function setCacheHeaders({
+  cacheHeaderConfig,
+  serviceDefaultCacheLengthSeconds,
+  serviceOverrideCacheLengthSeconds,
+  queryParams,
+  res,
+}) {
+  const cacheLengthSeconds = coalesceCacheLength({
+    cacheHeaderConfig,
+    serviceDefaultCacheLengthSeconds,
+    serviceOverrideCacheLengthSeconds,
+    queryParams,
+  })
+  setHeadersForCacheLength(res, cacheLengthSeconds)
+}
+
+const staticCacheControlHeader = `max-age=${24 * 3600}` // 1 day.
+function setCacheHeadersForStaticResource(res) {
+  res.setHeader('Cache-Control', staticCacheControlHeader)
+  res.setHeader('Last-Modified', serverStartTimeGMTString)
+}
+
+function serverHasBeenUpSinceResourceCached(req) {
+  return (
+    serverStartTimestamp <= new Date(req.headers['if-modified-since']).getTime()
+  )
+}
+
+module.exports = {
+  coalesceCacheLength,
+  setCacheHeaders,
+  setHeadersForCacheLength,
+  setCacheHeadersForStaticResource,
+  serverHasBeenUpSinceResourceCached,
+}
--- a/core/base-service/cache-headers.spec.js
+++ b/core/base-service/cache-headers.spec.js
@@ -0,0 +1,241 @@
+'use strict'
+
+const { test, given } = require('sazerac')
+const chai = require('chai')
+const { expect } = require('chai')
+const sinon = require('sinon')
+const httpMocks = require('node-mocks-http')
+const {
+  coalesceCacheLength,
+  setHeadersForCacheLength,
+  setCacheHeaders,
+  setCacheHeadersForStaticResource,
+  serverHasBeenUpSinceResourceCached,
+} = require('./cache-headers')
+
+chai.use(require('chai-datetime'))
+
+describe('Cache header functions', function() {
+  let res
+  beforeEach(function() {
+    res = httpMocks.createResponse()
+  })
+
+  describe('coalesceCacheLength', function() {
+    const cacheHeaderConfig = { defaultCacheLengthSeconds: 777 }
+    test(coalesceCacheLength, () => {
+      given({ cacheHeaderConfig, queryParams: {} }).expect(777)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: {},
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: 1000 },
+      }).expect(1000)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: 1000, other: 'here', maybe: 'bogus' },
+      }).expect(1000)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: 400 },
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: '-1000' },
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: '' },
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: 'not a number' },
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        // Legacy name.
+        queryParams: { maxAge: 1000 },
+      }).expect(1000)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        // Both legacy and new name provided -> both ignored.
+        queryParams: { maxAge: 1000, cacheSeconds: 1000 },
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds: 900,
+        serviceOverrideCacheLengthSeconds: 400,
+        queryParams: {},
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceOverrideCacheLengthSeconds: 400,
+        queryParams: {},
+      }).expect(777)
+      given({
+        cacheHeaderConfig,
+        serviceOverrideCacheLengthSeconds: 900,
+        queryParams: {},
+      }).expect(900)
+      given({
+        cacheHeaderConfig,
+        serviceOverrideCacheLengthSeconds: 800,
+        queryParams: { cacheSeconds: 500 },
+      }).expect(800)
+      given({
+        cacheHeaderConfig,
+        serviceOverrideCacheLengthSeconds: 900,
+        queryParams: { cacheSeconds: 800 },
+      }).expect(900)
+    })
+  })
+
+  describe('setHeadersForCacheLength', function() {
+    let sandbox
+    beforeEach(function() {
+      sandbox = sinon.createSandbox()
+      sandbox.useFakeTimers()
+    })
+    afterEach(function() {
+      sandbox.restore()
+      sandbox = undefined
+    })
+
+    it('should set the correct Date header', function() {
+      // Confidence check.
+      expect(res._headers.date).to.equal(undefined)
+
+      // Act.
+      setHeadersForCacheLength(res, 123)
+
+      // Assert.
+      const now = new Date().toGMTString()
+      expect(res._headers.date).to.equal(now)
+    })
+
+    context('cacheLengthSeconds is zero', function() {
+      beforeEach(function() {
+        setHeadersForCacheLength(res, 0)
+      })
+
+      it('should set the expected Cache-Control header', function() {
+        expect(res._headers['cache-control']).to.equal(
+          'no-cache, no-store, must-revalidate'
+        )
+      })
+
+      it('should set the expected Expires header', function() {
+        expect(res._headers.expires).to.equal(new Date().toGMTString())
+      })
+    })
+
+    context('cacheLengthSeconds is nonzero', function() {
+      beforeEach(function() {
+        setHeadersForCacheLength(res, 123)
+      })
+
+      it('should set the expected Cache-Control header', function() {
+        expect(res._headers['cache-control']).to.equal('max-age=123')
+      })
+
+      it('should set the expected Expires header', function() {
+        const expires = new Date(Date.now() + 123 * 1000).toGMTString()
+        expect(res._headers.expires).to.equal(expires)
+      })
+    })
+  })
+
+  describe('setCacheHeaders', function() {
+    it('sets the expected fields', function() {
+      const expectedFields = ['date', 'cache-control', 'expires']
+      expectedFields.forEach(field =>
+        expect(res._headers[field]).to.equal(undefined)
+      )
+
+      setCacheHeaders({
+        cacheHeaderConfig: { defaultCacheLengthSeconds: 1234 },
+        serviceDefaultCacheLengthSeconds: 567,
+        queryParams: { cacheSeconds: 999999 },
+        res,
+      })
+
+      expectedFields.forEach(field =>
+        expect(res._headers[field])
+          .to.be.a('string')
+          .and.have.lengthOf.at.least(1)
+      )
+    })
+  })
+
+  describe('setCacheHeadersForStaticResource', function() {
+    beforeEach(function() {
+      setCacheHeadersForStaticResource(res)
+    })
+
+    it('should set the expected Cache-Control header', function() {
+      expect(res._headers['cache-control']).to.equal(`max-age=${24 * 3600}`)
+    })
+
+    it('should set the expected Last-Modified header', function() {
+      const lastModified = res._headers['last-modified']
+      expect(new Date(lastModified)).to.be.withinTime(
+        // Within the last 60 seconds.
+        new Date(Date.now() - 60 * 1000),
+        new Date()
+      )
+    })
+  })
+
+  describe('serverHasBeenUpSinceResourceCached', function() {
+    // The stringified req's are hard to understand. I thought Sazerac
+    // provided a way to override the describe message, though I can't find it.
+    context('when there is no If-Modified-Since header', function() {
+      it('returns false', function() {
+        const req = httpMocks.createRequest()
+        expect(serverHasBeenUpSinceResourceCached(req)).to.equal(false)
+      })
+    })
+    context('when the If-Modified-Since header is invalid', function() {
+      it('returns false', function() {
+        const req = httpMocks.createRequest({
+          headers: { 'If-Modified-Since': 'this-is-not-a-date' },
+        })
+        expect(serverHasBeenUpSinceResourceCached(req)).to.equal(false)
+      })
+    })
+    context(
+      'when the If-Modified-Since header is before the process started',
+      function() {
+        it('returns false', function() {
+          const req = httpMocks.createRequest({
+            headers: { 'If-Modified-Since': '2018-02-01T05:00:00.000Z' },
+          })
+          expect(serverHasBeenUpSinceResourceCached(req)).to.equal(false)
+        })
+      }
+    )
+    context(
+      'when the If-Modified-Since header is after the process started',
+      function() {
+        it('returns true', function() {
+          const modifiedTimeStamp = new Date(Date.now() + 1800000)
+          const req = httpMocks.createRequest({
+            headers: { 'If-Modified-Since': modifiedTimeStamp.toISOString() },
+          })
+          expect(serverHasBeenUpSinceResourceCached(req)).to.equal(true)
+        })
+      }
+    )
+  })
+})
--- a/core/base-service/categories.js
+++ b/core/base-service/categories.js
@@ -0,0 +1,19 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const categories = require('../../services/categories')
+
+const isRealCategory = Joi.equal(...categories.map(({ id }) => id)).required()
+
+const isValidCategory = Joi.alternatives()
+  .try(isRealCategory, Joi.equal('debug', 'dynamic', 'static').required())
+  .required()
+
+function assertValidCategory(category, message = undefined) {
+  Joi.assert(category, isValidCategory, message)
+}
+
+module.exports = {
+  isValidCategory,
+  assertValidCategory,
+}
--- a/core/base-service/check-error-response.js
+++ b/core/base-service/check-error-response.js
@@ -0,0 +1,37 @@
+'use strict'
+
+const { NotFound, InvalidResponse, Inaccessible } = require('./errors')
+
+const defaultErrorMessages = {
+  404: 'not found',
+}
+
+module.exports = function checkErrorResponse(errorMessages = {}) {
+  return async function({ buffer, res }) {
+    let error
+    errorMessages = { ...defaultErrorMessages, ...errorMessages }
+    if (res.statusCode === 404) {
+      error = new NotFound({ prettyMessage: errorMessages[404] })
+    } else if (res.statusCode !== 200) {
+      const underlying = Error(
+        `Got status code ${res.statusCode} (expected 200)`
+      )
+      const props = { underlyingError: underlying }
+      if (errorMessages[res.statusCode] !== undefined) {
+        props.prettyMessage = errorMessages[res.statusCode]
+      }
+      if (res.statusCode >= 500) {
+        error = new Inaccessible(props)
+      } else {
+        error = new InvalidResponse(props)
+      }
+    }
+    if (error) {
+      error.response = res
+      error.buffer = buffer
+      throw error
+    } else {
+      return { buffer, res }
+    }
+  }
+}
--- a/core/base-service/check-error-response.spec.js
+++ b/core/base-service/check-error-response.spec.js
@@ -0,0 +1,113 @@
+'use strict'
+
+const { expect } = require('chai')
+const { NotFound, InvalidResponse, Inaccessible } = require('./errors')
+const checkErrorResponse = require('./check-error-response')
+
+describe('async error handler', function() {
+  const buffer = Buffer.from('some stuff')
+
+  context('when status is 200', function() {
+    it('passes through the inputs', async function() {
+      const res = { statusCode: 200 }
+      expect(await checkErrorResponse()({ res, buffer })).to.deep.equal({
+        res,
+        buffer,
+      })
+    })
+  })
+
+  context('when status is 404', function() {
+    const buffer = Buffer.from('some stuff')
+    const res = { statusCode: 404 }
+
+    it('throws NotFound', async function() {
+      try {
+        await checkErrorResponse()({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(NotFound)
+        expect(e.message).to.equal('Not Found')
+        expect(e.prettyMessage).to.equal('not found')
+        expect(e.response).to.equal(res)
+        expect(e.buffer).to.equal(buffer)
+      }
+    })
+
+    it('displays the custom not found message', async function() {
+      const notFoundMessage = 'no goblins found'
+      try {
+        await checkErrorResponse({ 404: notFoundMessage })({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(NotFound)
+        expect(e.message).to.equal('Not Found: no goblins found')
+        expect(e.prettyMessage).to.equal('no goblins found')
+      }
+    })
+  })
+
+  context('when status is 4xx', function() {
+    it('throws InvalidResponse', async function() {
+      const res = { statusCode: 499 }
+      try {
+        await checkErrorResponse()({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(InvalidResponse)
+        expect(e.message).to.equal(
+          'Invalid Response: Got status code 499 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal('invalid')
+        expect(e.response).to.equal(res)
+        expect(e.buffer).to.equal(buffer)
+      }
+    })
+
+    it('displays the custom error message', async function() {
+      const res = { statusCode: 403 }
+      try {
+        await checkErrorResponse({ 403: 'access denied' })({ res })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(InvalidResponse)
+        expect(e.message).to.equal(
+          'Invalid Response: Got status code 403 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal('access denied')
+      }
+    })
+  })
+
+  context('when status is 5xx', function() {
+    it('throws Inaccessible', async function() {
+      const res = { statusCode: 503 }
+      try {
+        await checkErrorResponse()({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(Inaccessible)
+        expect(e.message).to.equal(
+          'Inaccessible: Got status code 503 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal('inaccessible')
+        expect(e.response).to.equal(res)
+        expect(e.buffer).to.equal(buffer)
+      }
+    })
+
+    it('displays the custom error message', async function() {
+      const res = { statusCode: 500 }
+      try {
+        await checkErrorResponse({ 500: 'server overloaded' })({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(Inaccessible)
+        expect(e.message).to.equal(
+          'Inaccessible: Got status code 500 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal('server overloaded')
+      }
+    })
+  })
+})
--- a/core/base-service/coalesce-badge.js
+++ b/core/base-service/coalesce-badge.js
@@ -0,0 +1,174 @@
+'use strict'
+
+const {
+  decodeDataUrlFromQueryParam,
+  prepareNamedLogo,
+} = require('../../lib/logos')
+const { svg2base64 } = require('../../lib/svg-helpers')
+const coalesce = require('./coalesce')
+const toArray = require('./to-array')
+
+// Translate modern badge data to the legacy schema understood by the badge
+// maker. Allow the user to override the label, color, logo, etc. through the
+// query string. Provide support for most badge options via `serviceData` so
+// the Endpoint badge can specify logos and colors, though allow that the
+// user's logo or color to take precedence. A notable exception is the case of
+// errors. When the service specifies that an error has occurred, the user's
+// requested color does not override the error color.
+//
+// Logos are resolved in this manner:
+//
+// 1. When `?logo=` contains the name of one of the Shields logos, or contains
+//    base64-encoded SVG, that logo is used. In the case of a named logo, when
+//    a `&logoColor=` is specified, that color is used. Otherwise the default
+//    color is used. `logoColor` will not be applied to a custom
+//    (base64-encoded) logo; if a custom color is desired the logo should be
+//    recolored prior to making the request. The appearance of the logo can be
+//    customized using `logoWidth`, and in the case of the popout badge,
+//    `logoPosition`. When `?logo=` is specified, any logo-related parameters
+//    specified dynamically by the service, or by default in the service, are
+//    ignored.
+// 2. The second precedence is the dynamic logo returned by a service. This is
+//    used only by the Endpoint badge. The `logoColor` can be overridden by the
+//    query string.
+// 3. In the case of the `social` style only, the last precedence is the
+//    service's default logo. The `logoColor` can be overridden by the query
+//    string.
+module.exports = function coalesceBadge(
+  overrides,
+  serviceData,
+  // These two parameters were kept separate to make tests clearer.
+  defaultBadgeData,
+  { category, _cacheLength: defaultCacheSeconds } = {}
+) {
+  // The "overrideX" naming is based on services that provide badge
+  // parameters themselves, which can be overridden by a query string
+  // parameter. (For a couple services, the dynamic badge and the
+  // query-string-based static badge, the service never sets a value
+  // so the query string overrides are the _only_ way to configure
+  // these badge parameters.
+  const {
+    style: overrideStyle,
+    label: overrideLabel,
+    logo: overrideLogo,
+    logoColor: overrideLogoColor,
+    link: overrideLink,
+    colorB: legacyOverrideColor,
+    colorA: legacyOverrideLabelColor,
+  } = overrides
+  let {
+    logoWidth: overrideLogoWidth,
+    logoPosition: overrideLogoPosition,
+    color: overrideColor,
+    labelColor: overrideLabelColor,
+  } = overrides
+
+  // Only use the legacy properties if the new ones are not provided
+  if (typeof overrideColor === 'undefined') {
+    overrideColor = legacyOverrideColor
+  }
+  if (typeof overrideLabelColor === 'undefined') {
+    overrideLabelColor = legacyOverrideLabelColor
+  }
+
+  // Scoutcamp converts numeric query params to numbers. Convert them back.
+  if (typeof overrideColor === 'number') {
+    overrideColor = `${overrideColor}`
+  }
+  if (typeof overrideLabelColor === 'number') {
+    overrideLabelColor = `${overrideLabelColor}`
+  }
+  overrideLogoWidth = +overrideLogoWidth || undefined
+  overrideLogoPosition = +overrideLogoPosition || undefined
+
+  const {
+    isError,
+    label: serviceLabel,
+    message: serviceMessage,
+    color: serviceColor,
+    labelColor: serviceLabelColor,
+    logoSvg: serviceLogoSvg,
+    namedLogo: serviceNamedLogo,
+    logoColor: serviceLogoColor,
+    logoWidth: serviceLogoWidth,
+    logoPosition: serviceLogoPosition,
+    link: serviceLink,
+    cacheSeconds: serviceCacheSeconds,
+    style: serviceStyle,
+  } = serviceData
+
+  const {
+    color: defaultColor,
+    namedLogo: defaultNamedLogo,
+    label: defaultLabel,
+    labelColor: defaultLabelColor,
+  } = defaultBadgeData
+
+  const style = coalesce(overrideStyle, serviceStyle)
+
+  let namedLogo, namedLogoColor, logoWidth, logoPosition, logoSvgBase64
+  if (overrideLogo) {
+    // `?logo=` could be a named logo or encoded svg.
+    const overrideLogoSvgBase64 = decodeDataUrlFromQueryParam(overrideLogo)
+    if (overrideLogoSvgBase64) {
+      logoSvgBase64 = overrideLogoSvgBase64
+    } else {
+      namedLogo = overrideLogo
+      // If the logo has been overridden it does not make sense to inherit the
+      // original color.
+      namedLogoColor = overrideLogoColor
+    }
+    // If the logo has been overridden it does not make sense to inherit the
+    // original width or position.
+    logoWidth = overrideLogoWidth
+    logoPosition = overrideLogoPosition
+  } else {
+    if (serviceLogoSvg) {
+      logoSvgBase64 = svg2base64(serviceLogoSvg)
+    } else {
+      namedLogo = coalesce(
+        serviceNamedLogo,
+        style === 'social' ? defaultNamedLogo : undefined
+      )
+      namedLogoColor = coalesce(overrideLogoColor, serviceLogoColor)
+    }
+    logoWidth = coalesce(overrideLogoWidth, serviceLogoWidth)
+    logoPosition = coalesce(overrideLogoPosition, serviceLogoPosition)
+  }
+  if (namedLogo) {
+    logoSvgBase64 = prepareNamedLogo({
+      name: namedLogo,
+      color: namedLogoColor,
+      style,
+    })
+  }
+
+  return {
+    text: [
+      // Use `coalesce()` to support empty labels and messages, as in the
+      // static badge.
+      coalesce(overrideLabel, serviceLabel, defaultLabel, category),
+      coalesce(serviceMessage, 'n/a'),
+    ],
+    color: coalesce(
+      // In case of an error, disregard user's color override.
+      isError ? undefined : overrideColor,
+      serviceColor,
+      defaultColor,
+      'lightgrey'
+    ),
+    labelColor: coalesce(
+      // In case of an error, disregard user's color override.
+      isError ? undefined : overrideLabelColor,
+      serviceLabelColor,
+      defaultLabelColor
+    ),
+    template: style,
+    namedLogo,
+    logo: logoSvgBase64,
+    logoWidth,
+    logoPosition,
+    links: toArray(overrideLink || serviceLink),
+    cacheLengthSeconds: coalesce(serviceCacheSeconds, defaultCacheSeconds),
+  }
+}
--- a/core/base-service/coalesce-badge.spec.js
+++ b/core/base-service/coalesce-badge.spec.js
@@ -0,0 +1,294 @@
+'use strict'
+
+const { expect } = require('chai')
+const { getShieldsIcon, getSimpleIcon } = require('../../lib/logos')
+const coalesceBadge = require('./coalesce-badge')
+
+describe('coalesceBadge', function() {
+  describe('Label', function() {
+    it('uses the default label', function() {
+      expect(coalesceBadge({}, {}, { label: 'heyo' }).text).to.deep.equal([
+        'heyo',
+        'n/a',
+      ])
+    })
+
+    // This behavior isn't great and we might want to remove it.
+    it('uses the category as a default label', function() {
+      expect(
+        coalesceBadge({}, {}, {}, { category: 'cat' }).text
+      ).to.deep.equal(['cat', 'n/a'])
+    })
+
+    it('preserves an empty label', function() {
+      expect(
+        coalesceBadge({}, { label: '', message: '10k' }, {}).text
+      ).to.deep.equal(['', '10k'])
+    })
+
+    it('overrides the label', function() {
+      expect(
+        coalesceBadge({ label: 'purr count' }, { label: 'purrs' }, {}).text
+      ).to.deep.equal(['purr count', 'n/a'])
+    })
+  })
+
+  describe('Message', function() {
+    it('applies the service message', function() {
+      expect(coalesceBadge({}, { message: '10k' }, {}).text).to.deep.equal([
+        undefined,
+        '10k',
+      ])
+    })
+
+    it('applies a numeric service message', function() {
+      // While a number of badges use this, in the long run we may want
+      // `render()` to always return a string.
+      expect(coalesceBadge({}, { message: 10 }, {}).text).to.deep.equal([
+        undefined,
+        10,
+      ])
+    })
+  })
+
+  describe('Right color', function() {
+    it('uses the default color', function() {
+      expect(coalesceBadge({}, {}, {}).color).to.equal('lightgrey')
+    })
+
+    it('overrides the color', function() {
+      expect(
+        coalesceBadge({ color: '10ADED' }, { color: 'red' }, {}).color
+      ).to.equal('10ADED')
+      // also expected for legacy name
+      expect(
+        coalesceBadge({ colorB: 'B0ADED' }, { color: 'red' }, {}).color
+      ).to.equal('B0ADED')
+    })
+
+    context('In case of an error', function() {
+      it('does not override the color', function() {
+        expect(
+          coalesceBadge(
+            { color: '10ADED' },
+            { isError: true, color: 'lightgray' },
+            {}
+          ).color
+        ).to.equal('lightgray')
+        // also expected for legacy name
+        expect(
+          coalesceBadge(
+            { colorB: 'B0ADED' },
+            { isError: true, color: 'lightgray' },
+            {}
+          ).color
+        ).to.equal('lightgray')
+      })
+    })
+
+    it('applies the service color', function() {
+      expect(coalesceBadge({}, { color: 'red' }, {}).color).to.equal('red')
+    })
+  })
+
+  describe('Left color', function() {
+    it('provides no default label color', function() {
+      expect(coalesceBadge({}, {}, {}).labelColor).to.be.undefined
+    })
+
+    it('applies the service label color', function() {
+      expect(coalesceBadge({}, { labelColor: 'red' }, {}).labelColor).to.equal(
+        'red'
+      )
+    })
+
+    it('overrides the label color', function() {
+      expect(
+        coalesceBadge({ labelColor: '42f483' }, { color: 'green' }, {})
+          .labelColor
+      ).to.equal('42f483')
+      // also expected for legacy name
+      expect(
+        coalesceBadge({ colorA: 'B2f483' }, { color: 'green' }, {}).labelColor
+      ).to.equal('B2f483')
+    })
+
+    it('converts a query-string numeric color to a string', function() {
+      expect(
+        coalesceBadge(
+          // Scoutcamp converts numeric query params to numbers.
+          { color: 123 },
+          { color: 'green' },
+          {}
+        ).color
+      ).to.equal('123')
+      // also expected for legacy name
+      expect(
+        coalesceBadge(
+          // Scoutcamp converts numeric query params to numbers.
+          { colorB: 123 },
+          { color: 'green' },
+          {}
+        ).color
+      ).to.equal('123')
+    })
+  })
+
+  describe('Named logos', function() {
+    it('when not a social badge, ignores the default named logo', function() {
+      expect(coalesceBadge({}, {}, { namedLogo: 'appveyor' }).logo).to.be
+        .undefined
+    })
+
+    it('when a social badge, uses the default named logo', function() {
+      // .not.be.empty for confidence that nothing has changed with `getShieldsIcon()`.
+      expect(
+        coalesceBadge({ style: 'social' }, {}, { namedLogo: 'appveyor' }).logo
+      ).to.equal(getSimpleIcon({ name: 'appveyor' })).and.not.be.empty
+    })
+
+    it('applies the named logo', function() {
+      expect(coalesceBadge({}, { namedLogo: 'npm' }, {}).namedLogo).to.equal(
+        'npm'
+      )
+      expect(coalesceBadge({}, { namedLogo: 'npm' }, {}).logo).to.equal(
+        getShieldsIcon({ name: 'npm' })
+      ).and.not.to.be.empty
+    })
+
+    it('applies the named logo with color', function() {
+      expect(
+        coalesceBadge({}, { namedLogo: 'npm', logoColor: 'blue' }, {}).logo
+      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.to.be
+        .empty
+    })
+
+    it('overrides the logo', function() {
+      expect(
+        coalesceBadge({ logo: 'npm' }, { namedLogo: 'appveyor' }, {}).logo
+      ).to.equal(getShieldsIcon({ name: 'npm' })).and.not.be.empty
+    })
+
+    it('overrides the logo with a color', function() {
+      expect(
+        coalesceBadge(
+          { logo: 'npm', logoColor: 'blue' },
+          { namedLogo: 'appveyor' },
+          {}
+        ).logo
+      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.be
+        .empty
+    })
+
+    it("when the logo is overridden, it ignores the service's logo color, position, and width", function() {
+      expect(
+        coalesceBadge(
+          { logo: 'npm' },
+          {
+            namedLogo: 'appveyor',
+            logoColor: 'red',
+            logoPosition: -3,
+            logoWidth: 100,
+          },
+          {}
+        ).logo
+      ).to.equal(getShieldsIcon({ name: 'npm' })).and.not.be.empty
+    })
+
+    it("overrides the service logo's color", function() {
+      expect(
+        coalesceBadge(
+          { logoColor: 'blue' },
+          { namedLogo: 'npm', logoColor: 'red' },
+          {}
+        ).logo
+      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.be
+        .empty
+    })
+
+    // https://github.com/badges/shields/issues/2998
+    it('overrides logoSvg', function() {
+      const logoSvg = 'data:image/svg+xml;base64,PHN2ZyB4bWxu'
+      expect(coalesceBadge({ logo: 'npm' }, { logoSvg }, {}).logo).to.equal(
+        getShieldsIcon({ name: 'npm' })
+      ).and.not.be.empty
+    })
+  })
+
+  describe('Custom logos', function() {
+    it('overrides the logo with custom svg', function() {
+      const logoSvg = 'data:image/svg+xml;base64,PHN2ZyB4bWxu'
+      expect(
+        coalesceBadge({ logo: logoSvg }, { namedLogo: 'appveyor' }, {}).logo
+      ).to.equal(logoSvg)
+    })
+
+    it('ignores the color when custom svg is provided', function() {
+      const logoSvg = 'data:image/svg+xml;base64,PHN2ZyB4bWxu'
+      expect(
+        coalesceBadge(
+          { logo: logoSvg, logoColor: 'brightgreen' },
+          { namedLogo: 'appveyor' },
+          {}
+        ).logo
+      ).to.equal(logoSvg)
+    })
+  })
+
+  describe('Logo width', function() {
+    it('overrides the logoWidth', function() {
+      expect(coalesceBadge({ logoWidth: 20 }, {}, {}).logoWidth).to.equal(20)
+    })
+
+    it('applies the logo width', function() {
+      expect(
+        coalesceBadge({}, { namedLogo: 'npm', logoWidth: 275 }, {}).logoWidth
+      ).to.equal(275)
+    })
+  })
+
+  describe('Logo position', function() {
+    it('overrides the logoPosition', function() {
+      expect(
+        coalesceBadge({ logoPosition: -10 }, {}, {}).logoPosition
+      ).to.equal(-10)
+    })
+
+    it('applies the logo position', function() {
+      expect(
+        coalesceBadge({}, { namedLogo: 'npm', logoPosition: -10 }, {})
+          .logoPosition
+      ).to.equal(-10)
+    })
+  })
+
+  describe('Links', function() {
+    it('overrides the links', function() {
+      expect(
+        coalesceBadge(
+          { link: 'https://circleci.com/gh/badges/daily-tests' },
+          {
+            link:
+              'https://circleci.com/workflow-run/184ef3de-4836-4805-a2e4-0ceba099f92d',
+          },
+          {}
+        ).links
+      ).to.deep.equal(['https://circleci.com/gh/badges/daily-tests'])
+    })
+  })
+
+  describe('Style', function() {
+    it('overrides the template', function() {
+      expect(coalesceBadge({ style: 'pill' }, {}, {}).template).to.equal('pill')
+    })
+  })
+
+  describe('Cache length', function() {
+    it('overrides the cache length', function() {
+      expect(
+        coalesceBadge({ style: 'pill' }, { cacheSeconds: 123 }, {})
+          .cacheLengthSeconds
+      ).to.equal(123)
+    })
+  })
+})
--- a/core/base-service/coalesce.js
+++ b/core/base-service/coalesce.js
@@ -0,0 +1,5 @@
+'use strict'
+
+module.exports = function coalesce(...candidates) {
+  return candidates.find(c => c !== undefined && c !== null)
+}
--- a/core/base-service/coalesce.spec.js
+++ b/core/base-service/coalesce.spec.js
@@ -0,0 +1,23 @@
+'use strict'
+
+const { test, given } = require('sazerac')
+const coalesce = require('./coalesce')
+
+// Sticking with our one-line spread implementation, and defaulting to
+// `undefined` instead of `null`, though h/t to
+// https://github.com/royriojas/coalescy for these tests!
+
+describe('coalesce', function() {
+  test(coalesce, function() {
+    given().expect(undefined)
+    given(null, []).expect([])
+    given(null, [], {}).expect([])
+    given(null, undefined, 0, {}).expect(0)
+
+    const a = null
+    const c = 0
+    const d = 1
+    let b
+    given(a, b, c, d).expect(0)
+  })
+})
--- a/core/base-service/deprecated-service.js
+++ b/core/base-service/deprecated-service.js
@@ -0,0 +1,63 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const camelcase = require('camelcase')
+const BaseService = require('./base')
+const { isValidCategory } = require('./categories')
+const { Deprecated } = require('./errors')
+const { isValidRoute } = require('./route')
+
+const attrSchema = Joi.object({
+  route: isValidRoute,
+  name: Joi.string(),
+  label: Joi.string(),
+  category: isValidCategory,
+  // The content of examples is validated later, via `transformExamples()`.
+  examples: Joi.array().default([]),
+  message: Joi.string(),
+  dateAdded: Joi.date().required(),
+}).required()
+
+function deprecatedService(attrs) {
+  const { route, name, label, category, examples, message } = Joi.attempt(
+    attrs,
+    attrSchema,
+    `Deprecated service for ${attrs.route.base}`
+  )
+
+  return class DeprecatedService extends BaseService {
+    static get name() {
+      return name
+        ? `Deprecated${name}`
+        : `Deprecated${camelcase(route.base.replace(/\//g, '_'), {
+            pascalCase: true,
+          })}`
+    }
+
+    static get category() {
+      return category
+    }
+
+    static get isDeprecated() {
+      return true
+    }
+
+    static get route() {
+      return route
+    }
+
+    static get examples() {
+      return examples
+    }
+
+    static get defaultBadgeData() {
+      return { label }
+    }
+
+    async handle() {
+      throw new Deprecated({ prettyMessage: message })
+    }
+  }
+}
+
+module.exports = deprecatedService
--- a/core/base-service/deprecated-service.spec.js
+++ b/core/base-service/deprecated-service.spec.js
@@ -0,0 +1,69 @@
+'use strict'
+
+const { expect } = require('chai')
+const deprecatedService = require('./deprecated-service')
+
+describe('DeprecatedService', function() {
+  const route = {
+    base: 'service/that/no/longer/exists',
+    format: '(?:.+)',
+  }
+  const category = 'analysis'
+  const dateAdded = new Date()
+  const commonAttrs = { route, category, dateAdded }
+
+  it('returns true on isDeprecated', function() {
+    const service = deprecatedService({ ...commonAttrs })
+    expect(service.isDeprecated).to.be.true
+  })
+
+  it('has the expected name', function() {
+    const service = deprecatedService({ ...commonAttrs })
+    expect(service.name).to.equal('DeprecatedServiceThatNoLongerExists')
+  })
+
+  it('sets specified route', function() {
+    const service = deprecatedService({ ...commonAttrs })
+    expect(service.route).to.deep.equal(route)
+  })
+
+  it('sets specified label', function() {
+    const label = 'coverity'
+    const service = deprecatedService({ ...commonAttrs, label })
+    expect(service.defaultBadgeData.label).to.equal(label)
+  })
+
+  it('sets specified category', function() {
+    const service = deprecatedService({ ...commonAttrs })
+    expect(service.category).to.equal(category)
+  })
+
+  it('sets specified examples', function() {
+    const examples = [
+      {
+        title: 'Not sure we would have examples',
+      },
+    ]
+    const service = deprecatedService({ ...commonAttrs, examples })
+    expect(service.examples).to.deep.equal(examples)
+  })
+
+  it('uses default deprecation message when no message specified', async function() {
+    const service = deprecatedService({ ...commonAttrs })
+    expect(await service.invoke()).to.deep.equal({
+      isError: true,
+      color: 'lightgray',
+      message: 'no longer available',
+    })
+  })
+
+  it('uses custom deprecation message when specified', async function() {
+    const message = 'extended outage'
+    const service = deprecatedService({ ...commonAttrs, message })
+    expect(await service.invoke()).to.deep.equal({
+      isError: true,
+      color: 'lightgray',
+      message,
+    })
+  })
+})
--- a/core/base-service/errors.js
+++ b/core/base-service/errors.js
@@ -0,0 +1,221 @@
+/**
+ * Standard exceptions for handling error cases
+ *
+ * @module
+ */
+
+'use strict'
+
+/**
+ * Base error class
+ *
+ * @abstract
+ */
+class ShieldsRuntimeError extends Error {
+  /**
+   * Name of the class. Implementations of ShieldsRuntimeError
+   * should override this method.
+   *
+   * @type {string}
+   */
+  get name() {
+    return 'ShieldsRuntimeError'
+  }
+
+  /**
+   * Default message for this exception if none is specified.
+   * Implementations of ShieldsRuntimeError should implement this method.
+   *
+   * @abstract
+   * @type {string}
+   */
+  get defaultPrettyMessage() {
+    throw new Error('Must implement abstract method')
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   * @param {string} message Exception message for debug purposes
+   */
+  constructor(props = {}, message) {
+    super(message)
+    this.prettyMessage = props.prettyMessage || this.defaultPrettyMessage
+    if (props.underlyingError) {
+      this.stack = props.underlyingError.stack
+    }
+  }
+}
+
+const defaultNotFoundError = 'not found'
+
+/**
+ * Throw this to wrap a 404 or other 'not found' response from an upstream API
+ */
+class NotFound extends ShieldsRuntimeError {
+  get name() {
+    return 'NotFound'
+  }
+
+  get defaultPrettyMessage() {
+    return defaultNotFoundError
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props = {}) {
+    const prettyMessage = props.prettyMessage || defaultNotFoundError
+    const message =
+      prettyMessage === defaultNotFoundError
+        ? 'Not Found'
+        : `Not Found: ${prettyMessage}`
+    super(props, message)
+    this.response = props.response
+  }
+}
+
+/**
+ * Throw this to wrap an invalid or unexpected response from an upstream API
+ */
+class InvalidResponse extends ShieldsRuntimeError {
+  get name() {
+    return 'InvalidResponse'
+  }
+
+  get defaultPrettyMessage() {
+    return 'invalid'
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props = {}) {
+    const message = props.underlyingError
+      ? `Invalid Response: ${props.underlyingError.message}`
+      : 'Invalid Response'
+    super(props, message)
+    this.response = props.response
+  }
+}
+
+/**
+ * Throw this if we can't contact an upstream API
+ * or to wrap a 5XX response
+ */
+class Inaccessible extends ShieldsRuntimeError {
+  get name() {
+    return 'Inaccessible'
+  }
+
+  get defaultPrettyMessage() {
+    return 'inaccessible'
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props = {}) {
+    const message = props.underlyingError
+      ? `Inaccessible: ${props.underlyingError.message}`
+      : 'Inaccessible'
+    super(props, message)
+    this.response = props.response
+  }
+}
+
+/**
+ * Throw this error when required credentials are missing
+ */
+class ImproperlyConfigured extends ShieldsRuntimeError {
+  get name() {
+    return 'ImproperlyConfigured'
+  }
+
+  get defaultPrettyMessage() {
+    return 'improperly configured'
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props = {}) {
+    const message = props.underlyingError
+      ? `ImproperlyConfigured: ${props.underlyingError.message}`
+      : 'ImproperlyConfigured'
+    super(props, message)
+    this.response = props.response
+  }
+}
+
+/**
+ * Throw this error when a user supplied input or parameter
+ * is invalid or unexpected
+ */
+class InvalidParameter extends ShieldsRuntimeError {
+  get name() {
+    return 'InvalidParameter'
+  }
+
+  get defaultPrettyMessage() {
+    return 'invalid parameter'
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props = {}) {
+    const message = props.underlyingError
+      ? `Invalid Parameter: ${props.underlyingError.message}`
+      : 'Invalid Parameter'
+    super(props, message)
+    this.response = props.response
+  }
+}
+
+/**
+ * Throw this error to indicate that a service is deprecated or removed
+ */
+class Deprecated extends ShieldsRuntimeError {
+  get name() {
+    return 'Deprecated'
+  }
+
+  get defaultPrettyMessage() {
+    return 'no longer available'
+  }
+
+  /**
+   * @param {module:core/base-service/errors~RuntimeErrorProps} props
+   * Refer to individual attrs
+   */
+  constructor(props) {
+    const message = 'Deprecated'
+    super(props, message)
+  }
+}
+
+/**
+ * @typedef {object} RuntimeErrorProps
+ * @property {Error} underlyingError Exception we are wrapping (Optional)
+ * @property {object} response Response from an upstream API to provide
+ * context for the error (Optional)
+ * @property {string} prettyMessage User-facing error message to override the
+ * value of `defaultPrettyMessage()`. This is the text that will appear on the
+ * badge when we catch and render the exception (Optional)
+ */
+
+module.exports = {
+  ShieldsRuntimeError,
+  NotFound,
+  ImproperlyConfigured,
+  InvalidResponse,
+  Inaccessible,
+  InvalidParameter,
+  Deprecated,
+}
--- a/core/base-service/examples.js
+++ b/core/base-service/examples.js
@@ -0,0 +1,173 @@
+'use strict'
+
+const Joi = require('@hapi/joi')
+const { pathToRegexp, compile } = require('path-to-regexp')
+const categories = require('../../services/categories')
+const coalesceBadge = require('./coalesce-badge')
+const { makeFullUrl } = require('./route')
+
+const optionalObjectOfKeyValues = Joi.object().pattern(
+  /./,
+  Joi.string().allow(null)
+)
+
+const schema = Joi.object({
+  // This should be:
+  // title: Joi.string().required(),
+  title: Joi.string(),
+  namedParams: optionalObjectOfKeyValues.required(),
+  queryParams: optionalObjectOfKeyValues.default({}),
+  pattern: Joi.string(),
+  staticPreview: Joi.object({
+    label: Joi.string(),
+    message: Joi.alternatives()
+      .try(
+        Joi.string()
+          .allow('')
+          .required(),
+        Joi.number()
+      )
+      .required(),
+    color: Joi.string(),
+    style: Joi.string(),
+  }).required(),
+  keywords: Joi.array()
+    .items(Joi.string())
+    .default([]),
+  documentation: Joi.string(), // Valid HTML.
+}).required()
+
+function validateExample(example, index, ServiceClass) {
+  const result = Joi.attempt(
+    example,
+    schema,
+    `Example for ${ServiceClass.name} at index ${index}`
+  )
+
+  const { pattern, namedParams } = result
+
+  if (!pattern && !ServiceClass.route.pattern) {
+    throw new Error(
+      `Example for ${ServiceClass.name} at index ${index} does not declare a pattern`
+    )
+  }
+  if (pattern === ServiceClass.route.pattern) {
+    throw new Error(
+      `Example for ${ServiceClass.name} at index ${index} declares a redundant pattern which should be removed`
+    )
+  }
+
+  // Make sure we can build the full URL using these patterns.
+  try {
+    compile(pattern || ServiceClass.route.pattern, {
+      encode: encodeURIComponent,
+    })(namedParams)
+  } catch (e) {
+    throw Error(
+      `In example for ${
+        ServiceClass.name
+      } at index ${index}, ${e.message.toLowerCase()}`
+    )
+  }
+  // Make sure there are no extra keys.
+  let keys = []
+  pathToRegexp(pattern || ServiceClass.route.pattern, keys, {
+    strict: true,
+    sensitive: true,
+  })
+  keys = keys.map(({ name }) => name)
+  const extraKeys = Object.keys(namedParams).filter(k => !keys.includes(k))
+  if (extraKeys.length) {
+    throw Error(
+      `In example for ${
+        ServiceClass.name
+      } at index ${index}, namedParams contains unknown keys: ${extraKeys.join(
+        ', '
+      )}`
+    )
+  }
+
+  if (example.keywords) {
+    // Make sure the keywords are at least two characters long.
+    const tinyKeywords = example.keywords.filter(k => k.length < 2)
+    if (tinyKeywords.length) {
+      throw Error(
+        `In example for ${
+          ServiceClass.name
+        } at index ${index}, keywords contains words that are less than two characters long: ${tinyKeywords.join(
+          ', '
+        )}`
+      )
+    }
+    // Make sure none of the keywords are already included in the title.
+    const title = (example.title || ServiceClass.name).toLowerCase()
+    const redundantKeywords = example.keywords.filter(k =>
+      title.includes(k.toLowerCase())
+    )
+    if (redundantKeywords.length) {
+      throw Error(
+        `In example for ${
+          ServiceClass.name
+        } at index ${index}, keywords contains words that are already in the title: ${redundantKeywords.join(
+          ', '
+        )}`
+      )
+    }
+  }
+
+  return result
+}
+
+function transformExample(inExample, index, ServiceClass) {
+  const {
+    // We should get rid of this transform, since the class name is never what
+    // we want to see.
+    title = ServiceClass.name,
+    namedParams,
+    queryParams,
+    pattern,
+    staticPreview,
+    keywords,
+    documentation,
+  } = validateExample(inExample, index, ServiceClass)
+
+  const {
+    text: [label, message],
+    color,
+    template: style,
+    namedLogo,
+  } = coalesceBadge(
+    {},
+    staticPreview,
+    ServiceClass.defaultBadgeData,
+    ServiceClass
+  )
+
+  return {
+    title,
+    example: {
+      pattern: makeFullUrl(
+        ServiceClass.route.base,
+        pattern || ServiceClass.route.pattern
+      ),
+      namedParams,
+      queryParams,
+    },
+    preview: {
+      label,
+      message: `${message}`,
+      color,
+      style: style === 'flat' ? undefined : style,
+      namedLogo,
+    },
+    keywords: keywords.concat(
+      categories.find(c => c.id === ServiceClass.category).keywords
+    ),
+    documentation: documentation ? { __html: documentation } : undefined,
+  }
+}
+
+module.exports = {
+  validateExample,
+  transformExample,
+}
--- a/core/base-service/examples.spec.js
+++ b/core/base-service/examples.spec.js
@@ -0,0 +1,169 @@
+'use strict'
+
+const { expect } = require('chai')
+const { test, given } = require('sazerac')
+const { validateExample, transformExample } = require('./examples')
+
+describe('validateExample function', function() {
+  it('passes valid examples', function() {
+    const validExamples = [
+      {
+        title: 'Package manager versioning badge',
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        namedParams: { package: 'mypackage' },
+        keywords: ['semver', 'management'],
+      },
+    ]
+
+    validExamples.forEach(example => {
+      expect(() =>
+        validateExample(example, 0, { route: {}, name: 'mockService' })
+      ).not.to.throw(Error)
+    })
+  })
+
+  it('rejects invalid examples', function() {
+    const invalidExamples = [
+      {},
+      { staticPreview: { message: '123' } },
+      {
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        namedParams: { package: 'mypackage' },
+        exampleUrl: 'dt/mypackage',
+      },
+      { staticPreview: { message: '123' }, pattern: 'dt/:package' },
+      {
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        previewUrl: 'dt/mypackage',
+      },
+      {
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        exampleUrl: 'dt/mypackage',
+      },
+      { previewUrl: 'dt/mypackage' },
+      {
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        namedParams: { package: 'mypackage' },
+        keywords: ['a'], // Keyword too short.
+      },
+      {
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        namedParams: { package: 'mypackage' },
+        keywords: ['mockService'], // No title and keyword matching the class name.
+      },
+      {
+        title: 'Package manager versioning badge',
+        staticPreview: { message: '123' },
+        pattern: 'dt/:package',
+        namedParams: { package: 'mypackage' },
+        keywords: ['version'], // Keyword included in title.
+      },
+    ]
+
+    invalidExamples.forEach(example => {
+      expect(() =>
+        validateExample(example, 0, { route: {}, name: 'mockService' })
+      ).to.throw(Error)
+    })
+  })
+})
+
+test(transformExample, function() {
+  const ExampleService = {
+    name: 'ExampleService',
+    route: {
+      base: 'some-service',
+      pattern: ':interval/:packageName',
+    },
+    defaultBadgeData: {
+      label: 'downloads',
+    },
+    category: 'platform-support',
+  }
+
+  given(
+    {
+      pattern: 'dt/:packageName',
+      namedParams: { packageName: 'express' },
+      staticPreview: { message: '50k' },
+      keywords: ['hello'],
+    },
+    0,
+    ExampleService
+  ).expect({
+    title: 'ExampleService',
+    example: {
+      pattern: '/some-service/dt/:packageName',
+      namedParams: { packageName: 'express' },
+      queryParams: {},
+    },
+    preview: {
+      label: 'downloads',
+      message: '50k',
+      color: 'lightgrey',
+      namedLogo: undefined,
+      style: undefined,
+    },
+    keywords: ['hello', 'platform'],
+    documentation: undefined,
+  })
+
+  given(
+    {
+      namedParams: { interval: 'dt', packageName: 'express' },
+      staticPreview: { message: '50k' },
+      keywords: ['hello'],
+    },
+    0,
+    ExampleService
+  ).expect({
+    title: 'ExampleService',
+    example: {
+      pattern: '/some-service/:interval/:packageName',
+      namedParams: { interval: 'dt', packageName: 'express' },
+      queryParams: {},
+    },
+    preview: {
+      label: 'downloads',
+      message: '50k',
+      color: 'lightgrey',
+      namedLogo: undefined,
+      style: undefined,
+    },
+    keywords: ['hello', 'platform'],
+    documentation: undefined,
+  })
+
+  given(
+    {
+      namedParams: { interval: 'dt', packageName: 'express' },
+      queryParams: { registry_url: 'http://example.com/' },
+      staticPreview: { message: '50k' },
+      keywords: ['hello'],
+    },
+    0,
+    ExampleService
+  ).expect({
+    title: 'ExampleService',
+    example: {
+      pattern: '/some-service/:interval/:packageName',
+      namedParams: { interval: 'dt', packageName: 'express' },
+      queryParams: { registry_url: 'http://example.com/' },
+    },
+    preview: {
+      label: 'downloads',
+      message: '50k',
+      color: 'lightgrey',
+      namedLogo: undefined,
+      style: undefined,
+    },
+    keywords: ['hello', 'platform'],
+    documentation: undefined,
+  })
+})
--- a/core/base-service/graphql.js
+++ b/core/base-service/graphql.js
@@ -0,0 +1,52 @@
+'use strict'
+/**
+ * @module
+ */
+
+/**
+ * Utility function to merge two graphql queries together
+ * This is basically copied from
+ * [graphql-query-merge](https://www.npmjs.com/package/graphql-query-merge)
+ * but can't use that due to incorrect packaging.
+ *
+ * @param {...object} queries queries to merge
+ * @returns {object} merged query
+ */
+function mergeQueries(...queries) {
+  const merged = {
+    kind: 'Document',
+    definitions: [
+      {
+        directives: [],
+        operation: 'query',
+        variableDefinitions: [],
+        kind: 'OperationDefinition',
+        selectionSet: { kind: 'SelectionSet', selections: [] },
+      },
+    ],
+  }
+
+  queries.forEach(query => {
+    const parsedQuery = query
+    parsedQuery.definitions.forEach(definition => {
+      merged.definitions[0].directives = [
+        ...merged.definitions[0].directives,
+        ...definition.directives,
+      ]
+
+      merged.definitions[0].variableDefinitions = [
+        ...merged.definitions[0].variableDefinitions,
+        ...definition.variableDefinitions,
+      ]
+
+      merged.definitions[0].selectionSet.selections = [
+        ...merged.definitions[0].selectionSet.selections,
+        ...definition.selectionSet.selections,
+      ]
+    })
+  })
+
+  return merged
+}
+
+module.exports = { mergeQueries }
--- a/core/base-service/graphql.spec.js
+++ b/core/base-service/graphql.spec.js
@@ -0,0 +1,94 @@
+'use strict'
+
+const { expect } = require('chai')
+const gql = require('graphql-tag')
+const { print } = require('graphql/language/printer')
+const { mergeQueries } = require('./graphql')
+
+require('../register-chai-plugins.spec')
+
+describe('mergeQueries function', function() {
+  it('merges valid gql queries', function() {
+    expect(
+      print(
+        mergeQueries(
+          gql`
+            query($param: String!) {
+              foo(param: $param) {
+                bar
+              }
+            }
+          `
+        )
+      )
+    ).to.equalIgnoreSpaces(
+      'query ($param: String!) { foo(param: $param) { bar } }'
+    )
+
+    expect(
+      print(
+        mergeQueries(
+          gql`
+            query($param: String!) {
+              foo(param: $param) {
+                bar
+              }
+            }
+          `,
+          gql`
+            query {
+              baz
+            }
+          `
+        )
+      )
+    ).to.equalIgnoreSpaces(
+      'query ($param: String!) { foo(param: $param) { bar } baz }'
+    )
+
+    expect(
+      print(
+        mergeQueries(
+          gql`
+            query {
+              foo
+            }
+          `,
+          gql`
+            query {
+              bar
+            }
+          `,
+          gql`
+            query {
+              baz
+            }
+          `
+        )
+      )
+    ).to.equalIgnoreSpaces('{ foo bar baz }')
+
+    expect(
+      print(
+        mergeQueries(
+          gql`
+            {
+              foo
+            }
+          `,
+          gql`
+            {
+              bar
+            }
+          `
+        )
+      )
+    ).to.equalIgnoreSpaces('{ foo bar }')
+  })
+
+  it('throws an error when passed invalid params', function() {
+    expect(() => mergeQueries('', '')).to.throw(Error)
+    expect(() => mergeQueries(undefined, 17, true)).to.throw(Error)
+    expect(() => mergeQueries(gql``, gql`foo`)).to.throw(Error)
+  })
+})
--- a/core/base-service/index.js
+++ b/core/base-service/index.js
@@ -0,0 +1,37 @@
+'use strict'
+
+const BaseService = require('./base')
+const BaseJsonService = require('./base-json')
+const BaseGraphqlService = require('./base-graphql')
+const NonMemoryCachingBaseService = require('./base-non-memory-caching')
+const BaseStaticService = require('./base-static')
+const BaseSvgScrapingService = require('./base-svg-scraping')
+const BaseXmlService = require('./base-xml')
+const BaseYamlService = require('./base-yaml')
+const deprecatedService = require('./deprecated-service')
+const redirector = require('./redirector')
+const {
+  NotFound,
+  InvalidResponse,
+  Inaccessible,
+  InvalidParameter,
+  Deprecated,
+} = require('./errors')
+
+module.exports = {
+  BaseService,
+  BaseJsonService,
+  BaseGraphqlService,
+  NonMemoryCachingBaseService,
+  BaseStaticService,
+  BaseSvgScrapingService,
+  BaseXmlService,
+  BaseYamlService,
+  deprecatedService,
+  redirector,
+  NotFound,
+  InvalidResponse,
+  Inaccessible,
+  InvalidParameter,
+  Deprecated,
+}
--- a/core/base-service/json.js
+++ b/core/base-service/json.js
@@ -0,0 +1,28 @@
+'use strict'
+
+// See available emoji at http://emoji.muan.co/
+const emojic = require('emojic')
+const { InvalidResponse } = require('./errors')
+const trace = require('./trace')
+
+function parseJson(buffer) {
+  const logTrace = (...args) => trace.logTrace('fetch', ...args)
+  let json
+  try {
+    json = JSON.parse(buffer)
+  } catch (err) {
+    logTrace(emojic.dart, 'Response JSON (unparseable)', buffer)
+    throw new InvalidResponse({
+      prettyMessage: 'unparseable json response',
+      underlyingError: err,
+    })
+  }
+  logTrace(emojic.dart, 'Response JSON (before validation)', json, {
+    deep: true,
+  })
+  return json
+}
+
+module.exports = {
+  parseJson,
+}
--- a/core/base-service/legacy-request-handler.js
+++ b/core/base-service/legacy-request-handler.js
@@ -0,0 +1,299 @@
+'use strict'
+
+const request = require('request')
+const queryString = require('query-string')
+const makeBadge = require('../../gh-badges/lib/make-badge')
+const { setCacheHeaders } = require('./cache-headers')
+const {
+  Inaccessible,
+  InvalidResponse,
+  ShieldsRuntimeError,
+} = require('./errors')
+const { makeSend } = require('./legacy-result-sender')
+const LruCache = require('./lru-cache')
+const coalesceBadge = require('./coalesce-badge')
+
+const userAgent = 'Shields.io/2003a'
+
+// We avoid calling the vendor's server for computation of the information in a
+// number of badges.
+const minAccuracy = 0.75
+
+// The quotient of (vendor) data change frequency by badge request frequency
+// must be lower than this to trigger sending the cached data *before*
+// updating our data from the vendor's server.
+// Indeed, the accuracy of our badges are:
+// A(Δt) = 1 - min(# data change over Δt, # requests over Δt)
+//             / (# requests over Δt)
+//       = 1 - max(1, df) / rf
+const freqRatioMax = 1 - minAccuracy
+
+// Request cache size of 5MB (~5000 bytes/image).
+const requestCache = new LruCache(1000)
+
+// These query parameters are available to any badge. They are handled by
+// `coalesceBadge`.
+const globalQueryParams = new Set([
+  'label',
+  'style',
+  'link',
+  'logo',
+  'logoColor',
+  'logoPosition',
+  'logoWidth',
+  'link',
+  'colorA',
+  'colorB',
+  'color',
+  'labelColor',
+])
+
+function flattenQueryParams(queryParams) {
+  const union = new Set(globalQueryParams)
+  ;(queryParams || []).forEach(name => {
+    union.add(name)
+  })
+  return Array.from(union).sort()
+}
+
+function promisify(cachingRequest) {
+  return (uri, options) =>
+    new Promise((resolve, reject) => {
+      cachingRequest(uri, options, (err, res, buffer) => {
+        if (err) {
+          if (err instanceof ShieldsRuntimeError) {
+            reject(err)
+          } else {
+            // Wrap the error in an Inaccessible so it can be identified
+            // by the BaseService handler.
+            reject(new Inaccessible({ underlyingError: err }))
+          }
+        } else {
+          resolve({ res, buffer })
+        }
+      })
+    })
+}
+
+// handlerOptions can contain:
+// - handler: The service's request handler function
+// - queryParams: An array of the field names of any custom query parameters
+//   the service uses
+// - cacheLength: An optional badge or category-specific cache length
+//   (in number of seconds) to be used in preference to the default
+// - fetchLimitBytes: A limit on the response size we're willing to parse
+//
+// For safety, the service must declare the query parameters it wants to use.
+// Only the declared parameters (and the global parameters) are provided to
+// the service. Consequently, failure to declare a parameter results in the
+// parameter not working at all (which is undesirable, but easy to debug)
+// rather than indeterminate behavior that depends on the cache state
+// (undesirable and hard to debug).
+//
+// Pass just the handler function as shorthand.
+function handleRequest(cacheHeaderConfig, handlerOptions) {
+  if (!cacheHeaderConfig) {
+    throw Error('cacheHeaderConfig is required')
+  }
+
+  if (typeof handlerOptions === 'function') {
+    handlerOptions = { handler: handlerOptions }
+  }
+
+  const allowedKeys = flattenQueryParams(handlerOptions.queryParams)
+  const {
+    cacheLength: serviceDefaultCacheLengthSeconds,
+    fetchLimitBytes,
+  } = handlerOptions
+
+  return (queryParams, match, end, ask) => {
+    const reqTime = new Date()
+
+    // `defaultCacheLengthSeconds` can be overridden by
+    // `serviceDefaultCacheLengthSeconds` (either by category or on a badge-
+    // by-badge basis). Then in turn that can be overridden by
+    // `serviceOverrideCacheLengthSeconds` (which we expect to be used only in
+    // the dynamic badge) but only if `serviceOverrideCacheLengthSeconds` is
+    // longer than `serviceDefaultCacheLengthSeconds` and then the `cacheSeconds`
+    // query param can also override both of those but again only if `cacheSeconds`
+    // is longer.
+    //
+    // When the legacy services have been rewritten, all the code in here
+    // will go away, which should achieve this goal in a simpler way.
+    //
+    // Ref: https://github.com/badges/shields/pull/2755
+    function setCacheHeadersOnResponse(res, serviceOverrideCacheLengthSeconds) {
+      setCacheHeaders({
+        cacheHeaderConfig,
+        serviceDefaultCacheLengthSeconds,
+        serviceOverrideCacheLengthSeconds,
+        queryParams,
+        res,
+      })
+    }
+
+    const filteredQueryParams = {}
+    allowedKeys.forEach(key => {
+      filteredQueryParams[key] = queryParams[key]
+    })
+
+    // Use sindresorhus query-string because it sorts the keys, whereas the
+    // builtin querystring module relies on the iteration order.
+    const stringified = queryString.stringify(filteredQueryParams)
+    const cacheIndex = `${match[0]}?${stringified}`
+
+    // Should we return the data right away?
+    const cached = requestCache.get(cacheIndex)
+    let cachedVersionSent = false
+    if (cached !== undefined) {
+      // A request was made not long ago.
+      const tooSoon = +reqTime - cached.time < cached.interval
+      if (tooSoon || cached.dataChange / cached.reqs <= freqRatioMax) {
+        const svg = makeBadge(cached.data.badgeData)
+        setCacheHeadersOnResponse(
+          ask.res,
+          cached.data.badgeData.cacheLengthSeconds
+        )
+        makeSend(cached.data.format, ask.res, end)(svg)
+        cachedVersionSent = true
+        // We do not wish to call the vendor servers.
+        if (tooSoon) {
+          return
+        }
+      }
+    }
+
+    // In case our vendor servers are unresponsive.
+    let serverUnresponsive = false
+    const serverResponsive = setTimeout(() => {
+      serverUnresponsive = true
+      if (cachedVersionSent) {
+        return
+      }
+      if (requestCache.has(cacheIndex)) {
+        const cached = requestCache.get(cacheIndex)
+        const svg = makeBadge(cached.data.badgeData)
+        setCacheHeadersOnResponse(
+          ask.res,
+          cached.data.badgeData.cacheLengthSeconds
+        )
+        makeSend(cached.data.format, ask.res, end)(svg)
+        return
+      }
+      ask.res.setHeader('Cache-Control', 'no-cache, no-store, must-revalidate')
+      const badgeData = coalesceBadge(
+        filteredQueryParams,
+        { label: 'vendor', message: 'unresponsive' },
+        {}
+      )
+      const svg = makeBadge(badgeData)
+      const extension = (match.slice(-1)[0] || '.svg').replace(/^\./, '')
+      setCacheHeadersOnResponse(ask.res)
+      makeSend(extension, ask.res, end)(svg)
+    }, 25000)
+
+    // Only call vendor servers when last request is older than…
+    let cacheInterval = 5000 // milliseconds
+    function cachingRequest(uri, options, callback) {
+      if (typeof options === 'function' && !callback) {
+        callback = options
+      }
+      if (options && typeof options === 'object') {
+        options.uri = uri
+      } else if (typeof uri === 'string') {
+        options = { uri }
+      } else {
+        options = uri
+      }
+      options.headers = options.headers || {}
+      options.headers['User-Agent'] = userAgent
+
+      let bufferLength = 0
+      const r = request(options, (err, res, body) => {
+        if (res != null && res.headers != null) {
+          const cacheControl = res.headers['cache-control']
+          if (cacheControl != null) {
+            const age = cacheControl.match(/max-age=([0-9]+)/)
+            // Would like to get some more test coverage on this before changing it.
+            // eslint-disable-next-line no-self-compare
+            if (age != null && +age[1] === +age[1]) {
+              cacheInterval = +age[1] * 1000
+            }
+          }
+        }
+        callback(err, res, body)
+      })
+      r.on('data', chunk => {
+        bufferLength += chunk.length
+        if (bufferLength > fetchLimitBytes) {
+          r.abort()
+          r.emit(
+            'error',
+            new InvalidResponse({
+              prettyMessage: 'Maximum response size exceeded',
+            })
+          )
+        }
+      })
+    }
+
+    // Wrapper around `cachingRequest` that returns a promise rather than needing
+    // to pass a callback.
+    cachingRequest.asPromise = promisify(cachingRequest)
+
+    const result = handlerOptions.handler(
+      filteredQueryParams,
+      match,
+      // eslint-disable-next-line mocha/prefer-arrow-callback
+      function sendBadge(format, badgeData) {
+        if (serverUnresponsive) {
+          return
+        }
+        clearTimeout(serverResponsive)
+        // Check for a change in the data.
+        let dataHasChanged = false
+        if (
+          cached !== undefined &&
+          cached.data.badgeData.text[1] !== badgeData.text[1]
+        ) {
+          dataHasChanged = true
+        }
+        // Add format to badge data.
+        badgeData.format = format
+        // Update information in the cache.
+        const updatedCache = {
+          reqs: cached ? cached.reqs + 1 : 1,
+          dataChange: cached ? cached.dataChange + (dataHasChanged ? 1 : 0) : 1,
+          time: +reqTime,
+          interval: cacheInterval,
+          data: { format, badgeData },
+        }
+        requestCache.set(cacheIndex, updatedCache)
+        if (!cachedVersionSent) {
+          const svg = makeBadge(badgeData)
+          setCacheHeadersOnResponse(ask.res, badgeData.cacheLengthSeconds)
+          makeSend(format, ask.res, end)(svg)
+        }
+      },
+      cachingRequest
+    )
+    if (result && result.catch) {
+      result.catch(err => {
+        throw err
+      })
+    }
+  }
+}
+
+function clearRequestCache() {
+  requestCache.clear()
+}
+
+module.exports = {
+  handleRequest,
+  promisify,
+  clearRequestCache,
+  // Expose for testing.
+  _requestCache: requestCache,
+  userAgent,
+}
--- a/core/base-service/legacy-request-handler.spec.js
+++ b/core/base-service/legacy-request-handler.spec.js
@@ -0,0 +1,391 @@
+'use strict'
+
+const { expect } = require('chai')
+const nock = require('nock')
+const portfinder = require('portfinder')
+const Camp = require('camp')
+const got = require('../got-test-client')
+const coalesceBadge = require('./coalesce-badge')
+const {
+  handleRequest,
+  clearRequestCache,
+  _requestCache,
+} = require('./legacy-request-handler')
+
+async function performTwoRequests(baseUrl, first, second) {
+  expect((await got(`${baseUrl}${first}`)).statusCode).to.equal(200)
+  expect((await got(`${baseUrl}${second}`)).statusCode).to.equal(200)
+}
+
+function fakeHandler(queryParams, match, sendBadge, request) {
+  const [, someValue, format] = match
+  const badgeData = coalesceBadge(
+    queryParams,
+    {
+      label: 'testing',
+      message: someValue,
+    },
+    {}
+  )
+  sendBadge(format, badgeData)
+}
+
+function createFakeHandlerWithCacheLength(cacheLengthSeconds) {
+  return function fakeHandler(queryParams, match, sendBadge, request) {
+    const [, someValue, format] = match
+    const badgeData = coalesceBadge(
+      queryParams,
+      {
+        label: 'testing',
+        message: someValue,
+      },
+      {},
+      {
+        _cacheLength: cacheLengthSeconds,
+      }
+    )
+    sendBadge(format, badgeData)
+  }
+}
+
+function fakeHandlerWithNetworkIo(queryParams, match, sendBadge, request) {
+  const [, someValue, format] = match
+  request('https://www.google.com/foo/bar', (err, res, buffer) => {
+    let message
+    if (err) {
+      message = err.prettyMessage
+    } else {
+      message = someValue
+    }
+    const badgeData = coalesceBadge(
+      queryParams,
+      {
+        label: 'testing',
+        message,
+        format,
+      },
+      {}
+    )
+    sendBadge(format, badgeData)
+  })
+}
+
+describe('The request handler', function() {
+  let port, baseUrl
+  beforeEach(async function() {
+    port = await portfinder.getPortPromise()
+    baseUrl = `http://127.0.0.1:${port}`
+  })
+
+  let camp
+  beforeEach(function(done) {
+    camp = Camp.start({ port, hostname: '::' })
+    camp.on('listening', () => done())
+  })
+  afterEach(function(done) {
+    clearRequestCache()
+    if (camp) {
+      camp.close(() => done())
+      camp = null
+    }
+  })
+
+  const standardCacheHeaders = { defaultCacheLengthSeconds: 120 }
+
+  describe('the options object calling style', function() {
+    beforeEach(function() {
+      camp.route(
+        /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+        handleRequest(standardCacheHeaders, { handler: fakeHandler })
+      )
+    })
+
+    it('should return the expected response', async function() {
+      const { statusCode, body } = await got(`${baseUrl}/testing/123.json`, {
+        json: true,
+      })
+      expect(statusCode).to.equal(200)
+      expect(body).to.deep.equal({
+        name: 'testing',
+        value: '123',
+        label: 'testing',
+        message: '123',
+        color: 'lightgrey',
+        link: [],
+      })
+    })
+  })
+
+  describe('the function shorthand calling style', function() {
+    beforeEach(function() {
+      camp.route(
+        /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+        handleRequest(standardCacheHeaders, fakeHandler)
+      )
+    })
+
+    it('should return the expected response', async function() {
+      const { statusCode, body } = await got(`${baseUrl}/testing/123.json`, {
+        json: true,
+      })
+      expect(statusCode).to.equal(200)
+      expect(body).to.deep.equal({
+        name: 'testing',
+        value: '123',
+        label: 'testing',
+        message: '123',
+        color: 'lightgrey',
+        link: [],
+      })
+    })
+  })
+
+  describe('the response size limit', function() {
+    beforeEach(function() {
+      camp.route(
+        /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+        handleRequest(standardCacheHeaders, {
+          handler: fakeHandlerWithNetworkIo,
+          fetchLimitBytes: 100,
+        })
+      )
+    })
+
+    it('should not throw an error if the response <= fetchLimitBytes', async function() {
+      nock('https://www.google.com')
+        .get('/foo/bar')
+        .once()
+        .reply(200, 'x'.repeat(100))
+      const { statusCode, body } = await got(`${baseUrl}/testing/123.json`, {
+        json: true,
+      })
+      expect(statusCode).to.equal(200)
+      expect(body).to.deep.equal({
+        name: 'testing',
+        value: '123',
+        label: 'testing',
+        message: '123',
+        color: 'lightgrey',
+        link: [],
+      })
+    })
+
+    it('should throw an error if the response is > fetchLimitBytes', async function() {
+      nock('https://www.google.com')
+        .get('/foo/bar')
+        .once()
+        .reply(200, 'x'.repeat(101))
+      const { statusCode, body } = await got(`${baseUrl}/testing/123.json`, {
+        json: true,
+      })
+      expect(statusCode).to.equal(200)
+      expect(body).to.deep.equal({
+        name: 'testing',
+        value: 'Maximum response size exceeded',
+        label: 'testing',
+        message: 'Maximum response size exceeded',
+        color: 'lightgrey',
+        link: [],
+      })
+    })
+
+    afterEach(function() {
+      nock.cleanAll()
+    })
+  })
+
+  describe('caching', function() {
+    describe('standard query parameters', function() {
+      let handlerCallCount
+      beforeEach(function() {
+        handlerCallCount = 0
+      })
+
+      function register({ cacheHeaderConfig }) {
+        camp.route(
+          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+          handleRequest(
+            cacheHeaderConfig,
+            (queryParams, match, sendBadge, request) => {
+              ++handlerCallCount
+              fakeHandler(queryParams, match, sendBadge, request)
+            }
+          )
+        )
+      }
+
+      context('With standard cache settings', function() {
+        beforeEach(function() {
+          register({ cacheHeaderConfig: standardCacheHeaders })
+        })
+
+        it('should cache identical requests', async function() {
+          await performTwoRequests(
+            baseUrl,
+            '/testing/123.svg',
+            '/testing/123.svg'
+          )
+          expect(handlerCallCount).to.equal(1)
+        })
+
+        it('should differentiate known query parameters', async function() {
+          await performTwoRequests(
+            baseUrl,
+            '/testing/123.svg?label=foo',
+            '/testing/123.svg?label=bar'
+          )
+          expect(handlerCallCount).to.equal(2)
+        })
+
+        it('should ignore unknown query parameters', async function() {
+          await performTwoRequests(
+            baseUrl,
+            '/testing/123.svg?foo=1',
+            '/testing/123.svg?foo=2'
+          )
+          expect(handlerCallCount).to.equal(1)
+        })
+      })
+
+      it('should set the expires header to current time + defaultCacheLengthSeconds', async function() {
+        register({ cacheHeaderConfig: { defaultCacheLengthSeconds: 900 } })
+        const { headers } = await got(`${baseUrl}/testing/123.json`)
+        const expectedExpiry = new Date(
+          +new Date(headers.date) + 900000
+        ).toGMTString()
+        expect(headers.expires).to.equal(expectedExpiry)
+        expect(headers['cache-control']).to.equal('max-age=900')
+      })
+
+      it('should set the expected cache headers on cached responses', async function() {
+        register({ cacheHeaderConfig: { defaultCacheLengthSeconds: 900 } })
+
+        // Make first request.
+        await got(`${baseUrl}/testing/123.json`)
+
+        const { headers } = await got(`${baseUrl}/testing/123.json`)
+        const expectedExpiry = new Date(
+          +new Date(headers.date) + 900000
+        ).toGMTString()
+        expect(headers.expires).to.equal(expectedExpiry)
+        expect(headers['cache-control']).to.equal('max-age=900')
+      })
+
+      it('should let live service data override the default cache headers with longer value', async function() {
+        camp.route(
+          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+          handleRequest(
+            { defaultCacheLengthSeconds: 300 },
+            (queryParams, match, sendBadge, request) => {
+              ++handlerCallCount
+              createFakeHandlerWithCacheLength(400)(
+                queryParams,
+                match,
+                sendBadge,
+                request
+              )
+            }
+          )
+        )
+
+        const { headers } = await got(`${baseUrl}/testing/123.json`)
+        expect(headers['cache-control']).to.equal('max-age=400')
+      })
+
+      it('should not let live service data override the default cache headers with shorter value', async function() {
+        camp.route(
+          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+          handleRequest(
+            { defaultCacheLengthSeconds: 300 },
+            (queryParams, match, sendBadge, request) => {
+              ++handlerCallCount
+              createFakeHandlerWithCacheLength(200)(
+                queryParams,
+                match,
+                sendBadge,
+                request
+              )
+            }
+          )
+        )
+
+        const { headers } = await got(`${baseUrl}/testing/123.json`)
+        expect(headers['cache-control']).to.equal('max-age=300')
+      })
+
+      it('should set the expires header to current time + cacheSeconds', async function() {
+        register({ cacheHeaderConfig: { defaultCacheLengthSeconds: 0 } })
+        const { headers } = await got(
+          `${baseUrl}/testing/123.json?cacheSeconds=3600`
+        )
+        const expectedExpiry = new Date(
+          +new Date(headers.date) + 3600000
+        ).toGMTString()
+        expect(headers.expires).to.equal(expectedExpiry)
+        expect(headers['cache-control']).to.equal('max-age=3600')
+      })
+
+      it('should ignore cacheSeconds when shorter than defaultCacheLengthSeconds', async function() {
+        register({ cacheHeaderConfig: { defaultCacheLengthSeconds: 600 } })
+        const { headers } = await got(
+          `${baseUrl}/testing/123.json?cacheSeconds=300`
+        )
+        const expectedExpiry = new Date(
+          +new Date(headers.date) + 600000
+        ).toGMTString()
+        expect(headers.expires).to.equal(expectedExpiry)
+        expect(headers['cache-control']).to.equal('max-age=600')
+      })
+
+      it('should set Cache-Control: no-cache, no-store, must-revalidate if cache seconds is 0', async function() {
+        register({ cacheHeaderConfig: { defaultCacheLengthSeconds: 0 } })
+        const { headers } = await got(`${baseUrl}/testing/123.json`)
+        expect(headers.expires).to.equal(headers.date)
+        expect(headers['cache-control']).to.equal(
+          'no-cache, no-store, must-revalidate'
+        )
+      })
+
+      describe('the cache key', function() {
+        beforeEach(function() {
+          register({ cacheHeaderConfig: standardCacheHeaders })
+        })
+        const expectedCacheKey = '/testing/123.json?color=123&label=foo'
+        it('should match expected and use canonical order - 1', async function() {
+          await got(`${baseUrl}/testing/123.json?color=123&label=foo`)
+          expect(_requestCache.cache).to.have.keys(expectedCacheKey)
+        })
+        it('should match expected and use canonical order - 2', async function() {
+          await got(`${baseUrl}/testing/123.json?label=foo&color=123`)
+          expect(_requestCache.cache).to.have.keys(expectedCacheKey)
+        })
+      })
+    })
+
+    describe('custom query parameters', function() {
+      let handlerCallCount
+      beforeEach(function() {
+        handlerCallCount = 0
+        camp.route(
+          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
+          handleRequest(standardCacheHeaders, {
+            queryParams: ['foo'],
+            handler: (queryParams, match, sendBadge, request) => {
+              ++handlerCallCount
+              fakeHandler(queryParams, match, sendBadge, request)
+            },
+          })
+        )
+      })
+
+      it('should differentiate them', async function() {
+        await performTwoRequests(
+          baseUrl,
+          '/testing/123.svg?foo=1',
+          '/testing/123.svg?foo=2'
+        )
+        expect(handlerCallCount).to.equal(2)
+      })
+    })
+  })
+})
--- a/core/base-service/legacy-result-sender.js
+++ b/core/base-service/legacy-result-sender.js
@@ -0,0 +1,37 @@
+'use strict'
+
+const stream = require('stream')
+
+function streamFromString(str) {
+  const newStream = new stream.Readable()
+  newStream._read = () => {
+    newStream.push(str)
+    newStream.push(null)
+  }
+  return newStream
+}
+
+function sendSVG(res, askres, end) {
+  askres.setHeader('Content-Type', 'image/svg+xml;charset=utf-8')
+  end(null, { template: streamFromString(res) })
+}
+
+function sendJSON(res, askres, end) {
+  askres.setHeader('Content-Type', 'application/json')
+  askres.setHeader('Access-Control-Allow-Origin', '*')
+  end(null, { template: streamFromString(res) })
+}
+
+function makeSend(format, askres, end) {
+  if (format === 'svg') {
+    return res => sendSVG(res, askres, end)
+  } else if (format === 'json') {
+    return res => sendJSON(res, askres, end)
+  } else {
+    throw Error(`Unrecognized format: ${format}`)
+  }
+}
+
+module.exports = {
+  makeSend,
+}
--- a/core/base-service/loader-test-fixtures/empty-array.fixture.js
+++ b/core/base-service/loader-test-fixtures/empty-array.fixture.js
@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = []
--- a/core/base-service/loader-test-fixtures/empty-no-export.fixture.js
+++ b/core/base-service/loader-test-fixtures/empty-no-export.fixture.js
@@ -0,0 +1,4 @@
+/* eslint-disable */
+'use strict'
+
+class BadService {}
--- a/core/base-service/loader-test-fixtures/empty-object.fixture.js
+++ b/core/base-service/loader-test-fixtures/empty-object.fixture.js
@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = {}
--- a/core/base-service/loader-test-fixtures/empty-undefined.fixture.js
+++ b/core/base-service/loader-test-fixtures/empty-undefined.fixture.js
@@ -0,0 +1,3 @@
+'use strict'
+
+module.exports = undefined
--- a/core/base-service/loader-test-fixtures/invalid-mixed.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-mixed.fixture.js
@@ -0,0 +1,9 @@
+'use strict'
+
+const BaseJsonService = require('../base-json')
+
+class BadBaseService {}
+class GoodService extends BaseJsonService {}
+class BadService extends BadBaseService {}
+
+module.exports = [GoodService, BadService]
--- a/core/base-service/loader-test-fixtures/invalid-no-base.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-no-base.fixture.js
@@ -0,0 +1,5 @@
+'use strict'
+
+class BadService {}
+
+module.exports = BadService
--- a/core/base-service/loader-test-fixtures/invalid-wrong-base.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-wrong-base.fixture.js
@@ -0,0 +1,6 @@
+'use strict'
+
+class BadBaseService {}
+class BadService extends BadBaseService {}
+
+module.exports = BadService
--- a/core/base-service/loader-test-fixtures/valid-array.fixture.js
+++ b/core/base-service/loader-test-fixtures/valid-array.fixture.js
@@ -0,0 +1,30 @@
+'use strict'
+
+const BaseJsonService = require('../base-json')
+
+class GoodServiceOne extends BaseJsonService {
+  static get category() {
+    return 'build'
+  }
+
+  static get route() {
+    return {
+      base: 'good',
+      pattern: 'one',
+    }
+  }
+}
+class GoodServiceTwo extends BaseJsonService {
+  static get category() {
+    return 'build'
+  }
+
+  static get route() {
+    return {
+      base: 'good',
+      pattern: 'two',
+    }
+  }
+}
+
+module.exports = [GoodServiceOne, GoodServiceTwo]
--- a/core/base-service/loader-test-fixtures/valid-class.fixture.js
+++ b/core/base-service/loader-test-fixtures/valid-class.fixture.js
@@ -0,0 +1,18 @@
+'use strict'
+
+const BaseJsonService = require('../base-json')
+
+class GoodService extends BaseJsonService {
+  static get category() {
+    return 'build'
+  }
+
+  static get route() {
+    return {
+      base: 'it/is',
+      pattern: 'good',
+    }
+  }
+}
+
+module.exports = GoodService
--- a/core/base-service/loader-test-fixtures/valid-object.fixture.js
+++ b/core/base-service/loader-test-fixtures/valid-object.fixture.js
@@ -0,0 +1,30 @@
+'use strict'
+
+const BaseJsonService = require('../base-json')
+
+class GoodServiceOne extends BaseJsonService {
+  static get category() {
+    return 'build'
+  }
+
+  static get route() {
+    return {
+      base: 'good',
+      pattern: 'one',
+    }
+  }
+}
+class GoodServiceTwo extends BaseJsonService {
+  static get category() {
+    return 'build'
+  }
+
+  static get route() {
+    return {
+      base: 'good',
+      pattern: 'two',
+    }
+  }
+}
+
+module.exports = { GoodServiceOne, GoodServiceTwo }
--- a/core/base-service/loader.js
+++ b/core/base-service/loader.js
@@ -0,0 +1,118 @@
+'use strict'
+
+const path = require('path')
+const glob = require('glob')
+const countBy = require('lodash.countby')
+const categories = require('../../services/categories')
+const BaseService = require('./base')
+const { assertValidServiceDefinitionExport } = require('./service-definitions')
+
+const serviceDir = path.join(__dirname, '..', '..', 'services')
+
+class InvalidService extends Error {
+  constructor(message) {
+    super(message)
+    this.name = 'InvalidService'
+  }
+}
+
+function loadServiceClasses(servicePaths) {
+  if (!servicePaths) {
+    servicePaths = glob.sync(path.join(serviceDir, '**', '*.service.js'))
+  }
+
+  let serviceClasses = []
+  servicePaths.forEach(servicePath => {
+    const module = require(servicePath)
+
+    const theseServiceClasses = []
+    if (
+      !module ||
+      (module.constructor === Array && module.length === 0) ||
+      (module.constructor === Object && Object.keys(module).length === 0)
+    ) {
+      throw new InvalidService(
+        `Expected ${servicePath} to export a service or a collection of services`
+      )
+    } else if (module.prototype instanceof BaseService) {
+      theseServiceClasses.push(module)
+    } else if (module.constructor === Array || module.constructor === Object) {
+      for (const key in module) {
+        const serviceClass = module[key]
+        if (serviceClass.prototype instanceof BaseService) {
+          theseServiceClasses.push(serviceClass)
+        } else {
+          throw new InvalidService(
+            `Expected ${servicePath} to export a service or a collection of services; one of them was ${serviceClass}`
+          )
+        }
+      }
+    } else {
+      throw new InvalidService(
+        `Expected ${servicePath} to export a service or a collection of services; got ${module}`
+      )
+    }
+
+    // Decorate each service class with the directory that contains it.
+    theseServiceClasses.forEach(serviceClass => {
+      serviceClass.serviceFamily = servicePath
+        .replace(serviceDir, '')
+        .split(path.sep)[1]
+    })
+
+    serviceClasses = serviceClasses.concat(theseServiceClasses)
+  })
+
+  serviceClasses.forEach(ServiceClass => ServiceClass.validateDefinition())
+
+  return serviceClasses
+}
+
+function assertNamesUnique(names, { message }) {
+  const duplicates = {}
+  Object.entries(countBy(names))
+    .filter(([name, count]) => count > 1)
+    .forEach(([name, count]) => {
+      duplicates[name] = count
+    })
+  if (Object.keys(duplicates).length) {
+    throw new Error(`${message}: ${JSON.stringify(duplicates, undefined, 2)}`)
+  }
+}
+
+function checkNames() {
+  const services = loadServiceClasses()
+  assertNamesUnique(
+    services.map(({ name }) => name),
+    {
+      message: 'Duplicate service names found',
+    }
+  )
+}
+
+function collectDefinitions() {
+  const services = loadServiceClasses()
+    // flatMap.
+    .map(ServiceClass => ServiceClass.getDefinition())
+    .reduce((accum, these) => accum.concat(these), [])
+
+  const result = { schemaVersion: '0', categories, services }
+
+  assertValidServiceDefinitionExport(result)
+
+  return result
+}
+
+function loadTesters() {
+  return glob
+    .sync(path.join(serviceDir, '**', '*.tester.js'))
+    .map(path => require(path))
+}
+
+module.exports = {
+  InvalidService,
+  loadServiceClasses,
+  checkNames,
+  collectDefinitions,
+  loadTesters,
+}
--- a/core/base-service/loader.spec.js
+++ b/core/base-service/loader.spec.js
@@ -0,0 +1,59 @@
+'use strict'
+
+const { expect } = require('chai')
+const { loadServiceClasses, InvalidService } = require('./loader')
+
+describe('loadServiceClasses function', function() {
+  it('throws if module exports empty', function() {
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/empty-undefined.fixture.js'])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/empty-array.fixture.js'])
+    ).to.throw()
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/empty-object.fixture.js'])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/empty-no-export.fixture.js'])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses([
+        './loader-test-fixtures/valid-array.fixture.js',
+        './loader-test-fixtures/valid-class.fixture.js',
+        './loader-test-fixtures/empty-array.fixture.js',
+      ])
+    ).to.throw(InvalidService)
+  })
+
+  it('throws if module exports invalid', function() {
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/invalid-no-base.fixture.js'])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses([
+        './loader-test-fixtures/invalid-wrong-base.fixture.js',
+      ])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses(['./loader-test-fixtures/invalid-mixed.fixture.js'])
+    ).to.throw(InvalidService)
+    expect(() =>
+      loadServiceClasses([
+        './loader-test-fixtures/valid-array.fixture.js',
+        './loader-test-fixtures/valid-class.fixture.js',
+        './loader-test-fixtures/invalid-no-base.fixture.js',
+      ])
+    ).to.throw(InvalidService)
+  })
+
+  it('registers services if module exports valid service classes', function() {
+    expect(
+      loadServiceClasses([
+        './loader-test-fixtures/valid-array.fixture.js',
+        './loader-test-fixtures/valid-object.fixture.js',
+        './loader-test-fixtures/valid-class.fixture.js',
+      ])
+    ).to.have.length(5)
+  })
+})
--- a/Show More
+++ b/Show More