do nothing

Export OpenAPI definitions from service examples; affects [dynamic endpoint static] (#8966 )
* WIP export OpenAPI definitions from service examples * allow services to optionally define an OpenApi Paths Object instead of examples * make use of param descriptions and required query params * convert other 'core' services to declare openApi.. ..instead of examples * tweak descriptions for standard query params * move stuff around, add a high-level integration test for category2openapi * update simple-icons text refs #9054 * remove legacy param names
2023-04-11 19:27:40 +01:00 · 2023-04-11 18:37:16 +01:00 · 2023-04-10 10:19:16 +01:00 · 2023-04-08 18:32:51 +00:00 · 2023-04-07 20:23:50 +00:00 · 2023-04-07 20:16:20 +00:00
103 changed files with 5419 additions and 2181 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,77 +0,0 @@
-version: 2
-
-services_steps: &services_steps
-  steps:
-    - checkout
-
-    - run:
-        name: Install dependencies
-        command: |
-          npm ci
-        environment:
-          CYPRESS_INSTALL_BINARY: 0
-
-    - run:
-        name: Identify services tagged in the PR title
-        command: npm run test:services:pr:prepare
-
-    - run:
-        name: Run tests for tagged services
-        environment:
-          mocha_reporter: mocha-junit-reporter
-          MOCHA_FILE: junit/services/results.xml
-        command: RETRY_COUNT=3 npm run test:services:pr:run
-
-    - store_test_results:
-        path: junit
-
-jobs:
-  services:
-    docker:
-      - image: cimg/node:16.15
-
-    <<: *services_steps
-
-  services@node-17:
-    docker:
-      - image: cimg/node:17.9
-    environment:
-      NPM_CONFIG_ENGINE_STRICT: 'false'
-
-    <<: *services_steps
-
-workflows:
-  version: 2
-
-  on-commit:
-    jobs:
-      - services:
-          filters:
-            branches:
-              ignore:
-                - master
-                - gh-pages
-      - services@node-17:
-          filters:
-            branches:
-              ignore:
-                - master
-                - gh-pages
-  # on-commit-with-cache:
-  #   jobs:
-  #     - npm-install:
-  #         filters:
-  #           branches:
-  #             ignore: gh-pages
-  #     - services:
-  #         requires:
-  #           - npm-install
-  #         filters:
-  #           branches:
-  #             ignore: master
-  #     - services@node-latest:
-  #         requires:
-  #           - npm-install
-  #         filters:
-  #           branches:
-  #             ignore: master
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -24,6 +24,7 @@ plugins:
  - chai-friendly
  - jsdoc
  - mocha
+  - icedfrisby
  - no-extension-in-require
  - sort-class-members
  - import
@@ -113,9 +114,16 @@ overrides:
      mocha: true
    rules:
      mocha/no-exclusive-tests: 'error'
+      mocha/no-skipped-tests: 'error'
      mocha/no-mocha-arrows: 'error'
      mocha/prefer-arrow-callback: 'error'

+  - files:
+      - 'services/**/*.tester.js'
+    rules:
+      icedfrisby/no-exclusive-tests: 'error'
+      icedfrisby/no-skipped-tests: 'error'
+
 rules:
  # Disable some rules from eslint:recommended.
  no-empty: ['error', { 'allowEmptyCatch': true }]
--- a/.github/actions/integration-tests/action.yml
+++ b/.github/actions/integration-tests/action.yml
@@ -7,11 +7,19 @@ inputs:
 runs:
  using: 'composite'
  steps:
+    - name: Migrate DB
+      if: always()
+      run: npm run migrate up
+      env:
+        POSTGRES_URL: postgresql://postgres:postgres@localhost:5432/ci_test
+      shell: bash
+
    - name: Integration Tests
      if: always()
      run: npm run test:integration -- --reporter json --reporter-option 'output=reports/integration-tests.json'
      env:
        GH_TOKEN: '${{ inputs.github-token }}'
+        POSTGRES_URL: postgresql://postgres:postgres@localhost:5432/ci_test
      shell: bash

    - name: Write Markdown Summary
--- a/.github/actions/service-tests/action.yml
+++ b/.github/actions/service-tests/action.yml
@@ -0,0 +1,86 @@
+name: 'Service tests'
+description: 'Run tests for selected services'
+inputs:
+  github-token:
+    description: 'The GITHUB_TOKEN secret'
+    required: true
+  librariesio-tokens:
+    description: 'The SERVICETESTS_LIBRARIESIO_TOKENS secret'
+    required: false
+    default: ''
+  obs-user:
+    description: 'The SERVICETESTS_OBS_USER secret'
+    required: false
+    default: ''
+  obs-pass:
+    description: 'The SERVICETESTS_OBS_PASS secret'
+    required: false
+    default: ''
+  sl-insight-user-uuid:
+    description: 'The SERVICETESTS_SL_INSIGHT_USER_UUID secret'
+    required: false
+    default: ''
+  sl-insight-api-token:
+    description: 'The SERVICETESTS_SL_INSIGHT_API_TOKEN secret'
+    required: false
+    default: ''
+  twitch-client-id:
+    description: 'The SERVICETESTS_TWITCH_CLIENT_ID secret'
+    required: false
+    default: ''
+  twitch-client-secret:
+    description: 'The SERVICETESTS_TWITCH_CLIENT_SECRET secret'
+    required: false
+    default: ''
+  wheelmap-token:
+    description: 'The SERVICETESTS_WHEELMAP_TOKEN secret'
+    required: false
+    default: ''
+  youtube-api-key:
+    description: 'The SERVICETESTS_YOUTUBE_API_KEY secret'
+    required: false
+    default: ''
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Derive list of service tests to run
+      # Note: In this step we are using an intermediate env var instead of
+      # passing github.event.pull_request.title as an argument
+      # to prevent a shell injection attack. Further reading:
+      # https://securitylab.github.com/research/github-actions-untrusted-input/#exploitability-and-impact
+      # https://securitylab.github.com/research/github-actions-untrusted-input/#remediation
+      if: always()
+      env:
+        TITLE: ${{ github.event.pull_request.title }}
+      run: npm run test:services:pr:prepare "$TITLE"
+      shell: bash
+
+    - name: Run service tests
+      if: always()
+      run: npm run test:services:pr:run -- --reporter json --reporter-option 'output=reports/service-tests.json'
+      shell: bash
+      env:
+        RETRY_COUNT: 3
+        GH_TOKEN: '${{ inputs.github-token }}'
+        LIBRARIESIO_TOKENS: '${{ inputs.librariesio-tokens }}'
+        OBS_USER: '${{ inputs.obs-user }}'
+        OBS_PASS: '${{ inputs.obs-pass }}'
+        SL_INSIGHT_USER_UUID: '${{ inputs.sl-insight-user-uuid }}'
+        SL_INSIGHT_API_TOKEN: '${{ inputs.sl-insight-api-token }}'
+        TWITCH_CLIENT_ID: '${{ inputs.twitch-client-id }}'
+        TWITCH_CLIENT_SECRET: '${{ inputs.twitch-client-secret }}'
+        WHEELMAP_TOKEN: '${{ inputs.wheelmap-token }}'
+        YOUTUBE_API_KEY: '${{ inputs.youtube-api-key }}'
+
+    - name: Write Markdown Summary
+      if: always()
+      run: |
+        if test -f 'reports/service-tests.json'; then
+          echo '# Services' >> $GITHUB_STEP_SUMMARY
+          sed -e 's/^/- /' pull-request-services.log >> $GITHUB_STEP_SUMMARY
+          node scripts/mocha2md.js Report reports/service-tests.json >> $GITHUB_STEP_SUMMARY
+        else
+          echo 'No services found. Nothing to do.' >> $GITHUB_STEP_SUMMARY
+        fi
+      shell: bash
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -11,15 +11,17 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Set Git Short SHA
        run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV

      - name: Build
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: false
-          tags: shieldsio/shields:pr-validation
+          tags: ghcr.io/badges/shields:pr-validation
          build-args: |
            version=${{ env.SHORT_SHA }}
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -6,6 +6,7 @@ on:

 permissions:
  contents: write
+  packages: write

 jobs:
  create-release:
@@ -35,6 +36,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Login to DockerHub
        uses: docker/login-action@v2
@@ -43,10 +46,26 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build and push snapshot release to DockerHub
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: shieldsio/shields:server-${{ steps.date.outputs.date }}
          build-args: |
            version=server-${{ steps.date.outputs.date }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push snapshot release to GHCR
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ghcr.io/badges/shields:server-${{ steps.date.outputs.date }}
+          build-args: |
+            version=server-${{ steps.date.outputs.date }}
--- a/.github/workflows/danger.yml
+++ b/.github/workflows/danger.yml
@@ -11,7 +11,7 @@ permissions:
 jobs:
  danger:
    runs-on: ubuntu-latest
-    if: github.actor != 'dependabot[bot]'
+    if: github.actor != 'dependabot[bot]' && github.actor != 'repo-ranger[bot]'
    steps:
      - name: Checkout
        uses: actions/checkout@v3
--- a/.github/workflows/deploy-docs.yml
+++ b/.github/workflows/deploy-docs.yml
@@ -16,10 +16,13 @@ jobs:
        with:
          persist-credentials: false

+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
      - name: Build
-        run: |
-          npm ci
-          npm run build-docs
+        run: npm run build-docs

      - name: Deploy
        uses: JamesIves/github-pages-deploy-action@v4
--- a/.github/workflows/publish-docker-next.yml
+++ b/.github/workflows/publish-docker-next.yml
@@ -4,6 +4,9 @@ on:
    branches:
      - master

+permissions:
+  packages: write
+
 jobs:
  publish-docker-next:
    runs-on: ubuntu-latest
@@ -13,6 +16,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Login to DockerHub
        uses: docker/login-action@v2
@@ -23,11 +28,27 @@ jobs:
      - name: Set Git Short SHA
        run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV

-      - name: Build and push
-        uses: docker/build-push-action@v3
+      - name: Build and push to DockerHub
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: shieldsio/shields:next
          build-args: |
            version=${{ env.SHORT_SHA }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push to GHCR
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ghcr.io/badges/shields:next
+          build-args: |
+            version=${{ env.SHORT_SHA }}
--- a/.github/workflows/test-integration-17.yml
+++ b/.github/workflows/test-integration-17.yml
@@ -23,6 +23,19 @@ jobs:
          --health-retries 5
        ports:
          - 6379:6379
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: ci_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432

    steps:
      - name: Checkout
--- a/.github/workflows/test-integration.yml
+++ b/.github/workflows/test-integration.yml
@@ -23,6 +23,19 @@ jobs:
          --health-retries 5
        ports:
          - 6379:6379
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: ci_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432

    steps:
      - name: Checkout
--- a/.github/workflows/test-services-17.yml
+++ b/.github/workflows/test-services-17.yml
@@ -0,0 +1,40 @@
+name: Services@node 17
+on:
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+
+jobs:
+  test-services-17:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 17
+        env:
+          NPM_CONFIG_ENGINE_STRICT: 'false'
+
+      - name: Service tests (triggered from local branch)
+        if: github.event.pull_request.head.repo.full_name == github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+          librariesio-tokens: '${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}'
+          obs-user: '${{ secrets.SERVICETESTS_OBS_USER }}'
+          obs-pass: '${{ secrets.SERVICETESTS_OBS_PASS }}'
+          sl-insight-user-uuid: '${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}'
+          sl-insight-api-token: '${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}'
+          twitch-client-id: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}'
+          twitch-client-secret: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}'
+          wheelmap-token: '${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}'
+          youtube-api-key: '${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}'
+
+      - name: Service tests (triggered from fork)
+        if: github.event.pull_request.head.repo.full_name != github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/test-services.yml
+++ b/.github/workflows/test-services.yml
@@ -0,0 +1,38 @@
+name: Services
+on:
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+
+jobs:
+  test-services:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
+      - name: Service tests (triggered from local branch)
+        if: github.event.pull_request.head.repo.full_name == github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+          librariesio-tokens: '${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}'
+          obs-user: '${{ secrets.SERVICETESTS_OBS_USER }}'
+          obs-pass: '${{ secrets.SERVICETESTS_OBS_PASS }}'
+          sl-insight-user-uuid: '${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}'
+          sl-insight-api-token: '${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}'
+          twitch-client-id: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}'
+          twitch-client-secret: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}'
+          wheelmap-token: '${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}'
+          youtube-api-key: '${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}'
+
+      - name: Service tests (triggered from fork)
+        if: github.event.pull_request.head.repo.full_name != github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.gitignore
+++ b/.gitignore
@@ -96,6 +96,7 @@ typings/
 badge-examples.json
 supported-features.json
 service-definitions.yml
+frontend/categories/*.yaml

 # Local runtime configuration.
 /config/local*.yml
@@ -117,3 +118,6 @@ service-definitions.yml

 # Flamebearer
 flamegraph.html
+
+# config file for node-pg-migrate
+migrations-config.json
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,38 @@ Note: this changelog is for the shields.io server. The changelog for the badge-m

 ---

+## server-2023-04-02
+
+- [JenkinsCoverage] Update Jenkins Code Coverage API for new plugin version [#9010](https://github.com/badges/shields/issues/9010)
+- [CTAN] fallback to date if version is empty [#9036](https://github.com/badges/shields/issues/9036)
+- Update to [CTAN] API version 2.0 [#9016](https://github.com/badges/shields/issues/9016)
+- handle missing statistics array in [VisualStudioMarketplace] badges [#8985](https://github.com/badges/shields/issues/8985)
+- [Netlify] upgrade colors for SVG parsing [#8971](https://github.com/badges/shields/issues/8971)
+- Fix [Vcpkg] version service for different version fields [#8945](https://github.com/badges/shields/issues/8945)
+- only try to close pool if one exists [#8947](https://github.com/badges/shields/issues/8947)
+- misc minor fixes to [githubsize node pypi] [#8946](https://github.com/badges/shields/issues/8946)
+- Dependency updates
+
+## server-2023-03-01
+
+**Deprecation:** For users who need to maintain a Github Token pool, storage has been provided via the `RedisTokenPersistence` and `REDIS_URL` settings. As of this release, the `RedisTokenPersistence` backend is now deprecated and will be removed in a future release. If you are using this feature, you will need to migrate to using the `SQLTokenPersistence` backend for storage and provide a postgres connection string via the `POSTGRES_URL` setting. [#8922](https://github.com/badges/shields/issues/8922)
+
+- fix: for crates.io versions, use max_stable_version if it exists [#8687](https://github.com/badges/shields/issues/8687)
+- don't autofocus search [#8927](https://github.com/badges/shields/issues/8927)
+- Add [Vcpkg] version service [#8923](https://github.com/badges/shields/issues/8923)
+- fix: Set uid/gid in docker image to 0 [#8908](https://github.com/badges/shields/issues/8908)
+- expose port 443 in Dockerfile [#8889](https://github.com/badges/shields/issues/8889)
+- Dependency updates
+
+## server-2023-02-01
+
+- replace [twitter] badge with static fallback [#8842](https://github.com/badges/shields/issues/8842)
+- Add various [Polymart] badges [#8811](https://github.com/badges/shields/issues/8811)
+- update [githubpipenv] tests/examples [#8797](https://github.com/badges/shields/issues/8797)
+- deprecate [apm] service [#8773](https://github.com/badges/shields/issues/8773)
+- deprecate lgtm [#8771](https://github.com/badges/shields/issues/8771)
+- Dependency updates
+
 ## server-2023-01-01

 - Breaking change: Routes for GitHub workflows badge have changed. See https://github.com/badges/shields/issues/8671 for more details
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -134,9 +134,20 @@ Prettier before a commit by default.
 When adding or changing a service [please write tests][service-tests], and ensure the [title of your Pull Requests follows the required conventions](#running-service-tests-in-pull-requests) to ensure your tests are executed.
 When changing other code, please add unit tests.

-To run the integration tests, you must have Redis installed and in your PATH.
-Use `brew install redis`, `yum install redis`, etc. The test runner will
-start the server automatically.
+The integration tests are not run by default. For most contributions it is OK to skip these unless you're working directly on the code for storing the GitHub token pool in postgres/redis.
+
+To run the integration tests:
+
+- You must have Redis installed and in your PATH. Use `brew install redis`, `apt-get install redis`, etc. The test runner will start the server automatically.
+- You must also have PostgreSQL installed. Use `brew install postgresql`, `apt-get install postgresql`, etc.
+- Set a connection string either with an env var `POSTGRES_URL=postgresql://user:pass@127.0.0.1:5432/db_name` or by using
+  ```yaml
+  private:
+    postgres_url: 'postgresql://user:pass@127.0.0.1:5432/db_name'
+  ```
+  in a yaml config file.
+- Run `npm run migrate up` to apply DB migrations
+- Run `npm run test:integration` to run the tests

 [service-tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md

--- a/4
+++ b/4
@@ -30,8 +30,8 @@ LABEL fly.version=$version
 ENV NODE_ENV production

 WORKDIR /usr/src/app
-COPY --from=Builder /usr/src/app /usr/src/app
+COPY --from=Builder --chown=0:0 /usr/src/app /usr/src/app

 CMD node server

-EXPOSE 80
+EXPOSE 80 443
--- a/config/custom-environment-variables.yml
+++ b/config/custom-environment-variables.yml
@@ -94,6 +94,7 @@ private:
  obs_user: 'OBS_USER'
  obs_pass: 'OBS_PASS'
  redis_url: 'REDIS_URL'
+  postgres_url: 'POSTGRES_URL'
  sentry_dsn: 'SENTRY_DSN'
  sl_insight_userUuid: 'SL_INSIGHT_USER_UUID'
  sl_insight_apiToken: 'SL_INSIGHT_API_TOKEN'
--- a/core/base-service/base.js
+++ b/core/base-service/base.js
@@ -140,6 +140,15 @@ class BaseService {
   */
  static examples = []

+  /**
+   * Optional: an OpenAPI Paths Object describing this service's
+   * route or routes in OpenAPI format.
+   *
+   * @see https://swagger.io/specification/#paths-object
+   * @abstract
+   */
+  static openApi = undefined
+
  static get _cacheLength() {
    const cacheLengths = {
      build: 30,
@@ -183,7 +192,7 @@ class BaseService {
  }

  static getDefinition() {
-    const { category, name, isDeprecated } = this
+    const { category, name, isDeprecated, openApi } = this
    const { base, format, pattern } = this.route
    const queryParams = getQueryParamNames(this.route)

@@ -200,7 +209,7 @@ class BaseService {
      route = undefined
    }

-    const result = { category, name, isDeprecated, route, examples }
+    const result = { category, name, isDeprecated, route, examples, openApi }

    assertValidServiceDefinition(result, `getDefinition() for ${this.name}`)

--- a/core/base-service/examples.js
+++ b/core/base-service/examples.js
@@ -129,6 +129,7 @@ function transformExample(inExample, index, ServiceClass) {
    ServiceClass
  )

+  const category = categories.find(c => c.id === ServiceClass.category)
  return {
    title,
    example: {
@@ -146,9 +147,7 @@ function transformExample(inExample, index, ServiceClass) {
      style: style === 'flat' ? undefined : style,
      namedLogo,
    },
-    keywords: keywords.concat(
-      categories.find(c => c.id === ServiceClass.category).keywords
-    ),
+    keywords: category ? keywords.concat(category.keywords) : keywords,
    documentation: documentation ? { __html: documentation } : undefined,
  }
 }
--- a/core/base-service/loader.js
+++ b/core/base-service/loader.js
@@ -1,6 +1,6 @@
 import path from 'path'
 import { fileURLToPath } from 'url'
-import glob from 'glob'
+import { globSync } from 'glob'
 import countBy from 'lodash.countby'
 import categories from '../../services/categories.js'
 import BaseService from './base.js'
@@ -28,7 +28,7 @@ class InvalidService extends Error {
 }

 function getServicePaths(pattern) {
-  return glob.sync(toUnixPath(path.join(serviceDir, '**', pattern)))
+  return globSync(toUnixPath(path.join(serviceDir, '**', pattern))).sort()
 }

 async function loadServiceClasses(servicePaths) {
@@ -53,8 +53,8 @@ async function loadServiceClasses(servicePaths) {
      if (serviceClass && serviceClass.prototype instanceof BaseService) {
        // Decorate each service class with the directory that contains it.
        serviceClass.serviceFamily = servicePath
-          .replace(toUnixPath(serviceDir), '')
-          .split('/')[1]
+          .replace(serviceDir, '')
+          .split(path.sep)[1]
        serviceClass.validateDefinition()
        return serviceClasses.push(serviceClass)
      }
--- a/core/base-service/openapi.js
+++ b/core/base-service/openapi.js
@@ -0,0 +1,335 @@
+const baseUrl = process.env.BASE_URL || 'https://img.shields.io'
+const globalParamRefs = [
+  { $ref: '#/components/parameters/style' },
+  { $ref: '#/components/parameters/logo' },
+  { $ref: '#/components/parameters/logoColor' },
+  { $ref: '#/components/parameters/label' },
+  { $ref: '#/components/parameters/labelColor' },
+  { $ref: '#/components/parameters/color' },
+  { $ref: '#/components/parameters/cacheSeconds' },
+  { $ref: '#/components/parameters/link' },
+]
+
+function getCodeSamples(altText) {
+  return [
+    {
+      lang: 'URL',
+      label: 'URL',
+      source: '$url',
+    },
+    {
+      lang: 'Markdown',
+      label: 'Markdown',
+      source: `![${altText}]($url)`,
+    },
+    {
+      lang: 'reStructuredText',
+      label: 'rSt',
+      source: `.. image:: $url\n:   alt: ${altText}`,
+    },
+    {
+      lang: 'AsciiDoc',
+      label: 'AsciiDoc',
+      source: `image:$url[${altText}]`,
+    },
+    {
+      lang: 'HTML',
+      label: 'HTML',
+      source: `<img alt="${altText}" src="$url">`,
+    },
+  ]
+}
+
+function pattern2openapi(pattern) {
+  return pattern
+    .replace(/:([A-Za-z0-9_\-.]+)(?=[/]?)/g, (matches, grp1) => `{${grp1}}`)
+    .replace(/\([^)]*\)/g, '')
+    .replace(/\+$/, '')
+}
+
+function getEnum(pattern, paramName) {
+  const re = new RegExp(`${paramName}\\(([A-Za-z0-9_\\-|]+)\\)`)
+  const match = pattern.match(re)
+  if (match === null) {
+    return undefined
+  }
+  if (!match[1].includes('|')) {
+    return undefined
+  }
+  return match[1].split('|')
+}
+
+function param2openapi(pattern, paramName, exampleValue, paramType) {
+  const outParam = {}
+  outParam.name = paramName
+  // We don't have description if we are building the OpenAPI spec from examples[]
+  outParam.in = paramType
+  if (paramType === 'path') {
+    outParam.required = true
+  } else {
+    /* Occasionally we do have required query params, but we can't
+    detect this if we are building the OpenAPI spec from examples[]
+    so just assume all query params are optional */
+    outParam.required = false
+  }
+
+  if (exampleValue === null && paramType === 'query') {
+    outParam.schema = { type: 'boolean' }
+    outParam.allowEmptyValue = true
+  } else {
+    outParam.schema = { type: 'string' }
+  }
+
+  if (paramType === 'path') {
+    outParam.schema.enum = getEnum(pattern, paramName)
+  }
+
+  outParam.example = exampleValue
+  return outParam
+}
+
+function getVariants(pattern) {
+  /*
+  given a URL pattern (which may include '/one/or/:more?/:optional/:parameters*')
+  return an array of all possible permutations:
+  [
+    '/one/or/:more/:optional/:parameters',
+    '/one/or/:optional/:parameters',
+    '/one/or/:more/:optional',
+    '/one/or/:optional',
+  ]
+  */
+  const patterns = [pattern.split('/')]
+  while (patterns.flat().find(p => p.endsWith('?') || p.endsWith('*'))) {
+    for (let i = 0; i < patterns.length; i++) {
+      const pattern = patterns[i]
+      for (let j = 0; j < pattern.length; j++) {
+        const path = pattern[j]
+        if (path.endsWith('?') || path.endsWith('*')) {
+          pattern[j] = path.slice(0, -1)
+          patterns.push(patterns[i].filter(p => p !== pattern[j]))
+        }
+      }
+    }
+  }
+  for (let i = 0; i < patterns.length; i++) {
+    patterns[i] = patterns[i].join('/')
+  }
+  return patterns
+}
+
+function examples2openapi(examples) {
+  const paths = {}
+  for (const example of examples) {
+    const patterns = getVariants(example.example.pattern)
+
+    for (const pattern of patterns) {
+      const openApiPattern = pattern2openapi(pattern)
+      if (
+        openApiPattern.includes('*') ||
+        openApiPattern.includes('?') ||
+        openApiPattern.includes('+') ||
+        openApiPattern.includes('(')
+      ) {
+        throw new Error(`unexpected characters in pattern '${openApiPattern}'`)
+      }
+
+      /*
+      There's several things going on in this block:
+      1. Filter out any examples for params that don't appear
+         in this variant of the route
+      2. Make sure we add params to the array
+         in the same order they appear in the route
+      3. If there are any params we don't have an example value for,
+         make sure they still appear in the pathParams array with
+         exampleValue == undefined anyway
+      */
+      const pathParams = []
+      for (const param of openApiPattern
+        .split('/')
+        .filter(p => p.startsWith('{') && p.endsWith('}'))) {
+        const paramName = param.slice(1, -1)
+        const exampleValue = example.example.namedParams[paramName]
+        pathParams.push(param2openapi(pattern, paramName, exampleValue, 'path'))
+      }
+
+      const queryParams = example.example.queryParams || {}
+
+      const parameters = [
+        ...pathParams,
+        ...Object.entries(queryParams).map(([paramName, exampleValue]) =>
+          param2openapi(pattern, paramName, exampleValue, 'query')
+        ),
+        ...globalParamRefs,
+      ]
+      paths[openApiPattern] = {
+        get: {
+          summary: example.title,
+          description: example?.documentation?.__html
+            .replace(/<br>/g, '<br />') // react does not like <br>
+            .replace(/{/g, '&#123;')
+            .replace(/}/g, '&#125;')
+            .replace(/<style>(.|\n)*?<\/style>/, ''), // workaround for w3c-validation TODO: remove later
+          parameters,
+          'x-code-samples': getCodeSamples(example.title),
+        },
+      }
+    }
+  }
+  return paths
+}
+
+function addGlobalProperties(endpoints) {
+  const paths = {}
+  for (const key of Object.keys(endpoints)) {
+    paths[key] = endpoints[key]
+    paths[key].get.parameters = [
+      ...paths[key].get.parameters,
+      ...globalParamRefs,
+    ]
+    paths[key].get['x-code-samples'] = getCodeSamples(paths[key].get.summary)
+  }
+  return paths
+}
+
+function services2openapi(services) {
+  const paths = {}
+  for (const service of services) {
+    if (service.openApi) {
+      // if the service declares its own OpenAPI definition, use that...
+      for (const [key, value] of Object.entries(
+        addGlobalProperties(service.openApi)
+      )) {
+        if (key in paths) {
+          throw new Error(`Conflicting route: ${key}`)
+        }
+        paths[key] = value
+      }
+    } else {
+      // ...otherwise do our best to build one from examples[]
+      for (const [key, value] of Object.entries(
+        examples2openapi(service.examples)
+      )) {
+        // allow conflicting routes for legacy examples
+        paths[key] = value
+      }
+    }
+  }
+  return paths
+}
+
+function category2openapi(category, services) {
+  const spec = {
+    openapi: '3.0.0',
+    info: {
+      version: '1.0.0',
+      title: category.name,
+      license: {
+        name: 'CC0',
+      },
+    },
+    servers: [{ url: baseUrl }],
+    components: {
+      parameters: {
+        style: {
+          name: 'style',
+          in: 'query',
+          required: false,
+          description:
+            'One of: flat (default), flat-square, plastic, for-the-badge, social',
+          schema: {
+            type: 'string',
+          },
+          example: 'flat',
+        },
+        logo: {
+          name: 'logo',
+          in: 'query',
+          required: false,
+          description:
+            'One of the named logos (bitcoin, dependabot, gitlab, npm, paypal, serverfault, stackexchange, superuser, telegram, travis) or simple-icons. All simple-icons are referenced using icon slugs. You can click the icon title on <a href="https://simpleicons.org/" rel="noopener noreferrer" target="_blank">simple-icons</a> to copy the slug or they can be found in the <a href="https://github.com/simple-icons/simple-icons/blob/master/slugs.md">slugs.md file</a> in the simple-icons repository.',
+          schema: {
+            type: 'string',
+          },
+          example: 'appveyor',
+        },
+        logoColor: {
+          name: 'logoColor',
+          in: 'query',
+          required: false,
+          description:
+            'The color of the logo (hex, rgb, rgba, hsl, hsla and css named colors supported). Supported for named logos and Shields logos but not for custom logos. For multicolor Shields logos, the corresponding named logo will be used and colored.',
+          schema: {
+            type: 'string',
+          },
+          example: 'violet',
+        },
+        label: {
+          name: 'label',
+          in: 'query',
+          required: false,
+          description:
+            'Override the default left-hand-side text (<a href="https://developer.mozilla.org/en-US/docs/Glossary/percent-encoding">URL-Encoding</a> needed for spaces or special characters!)',
+          schema: {
+            type: 'string',
+          },
+          example: 'healthiness',
+        },
+        labelColor: {
+          name: 'labelColor',
+          in: 'query',
+          required: false,
+          description:
+            'Background color of the left part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+          schema: {
+            type: 'string',
+          },
+          example: 'abcdef',
+        },
+        color: {
+          name: 'color',
+          in: 'query',
+          required: false,
+          description:
+            'Background color of the right part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+          schema: {
+            type: 'string',
+          },
+          example: 'fedcba',
+        },
+        cacheSeconds: {
+          name: 'cacheSeconds',
+          in: 'query',
+          required: false,
+          description:
+            'HTTP cache lifetime (rules are applied to infer a default value on a per-badge basis, any values specified below the default will be ignored).',
+          schema: {
+            type: 'string',
+          },
+          example: '3600',
+        },
+        link: {
+          name: 'link',
+          in: 'query',
+          required: false,
+          description:
+            'Specify what clicking on the left/right of a badge should do. Note that this only works when integrating your badge in an `<object>` HTML tag, but not an `<img>` tag or a markup language.',
+          style: 'form',
+          explode: true,
+          schema: {
+            type: 'array',
+            maxItems: 2,
+            items: {
+              type: 'string',
+            },
+          },
+        },
+      },
+    },
+    paths: services2openapi(services),
+  }
+
+  return spec
+}
+
+export { category2openapi }
--- a/core/base-service/openapi.spec.js
+++ b/core/base-service/openapi.spec.js
@@ -0,0 +1,379 @@
+import chai from 'chai'
+import { category2openapi } from './openapi.js'
+import BaseJsonService from './base-json.js'
+const { expect } = chai
+
+class OpenApiService extends BaseJsonService {
+  static category = 'build'
+  static route = { base: 'openapi/service', pattern: ':packageName/:distTag*' }
+
+  // this service defines its own API Paths Object
+  static openApi = {
+    '/openapi/service/{packageName}': {
+      get: {
+        summary: 'OpenApiService Summary',
+        description: 'OpenApiService Description',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+        ],
+      },
+    },
+    '/openapi/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'OpenApiService Summary (with Tag)',
+        description: 'OpenApiService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            description: 'distTag description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+        ],
+      },
+    },
+  }
+}
+
+class LegacyService extends BaseJsonService {
+  static category = 'build'
+  static route = { base: 'legacy/service', pattern: ':packageName/:distTag*' }
+
+  // this service defines an Examples Array
+  static examples = [
+    {
+      title: 'LegacyService Title',
+      namedParams: { packageName: 'badge-maker' },
+      staticPreview: { label: 'build', message: 'passing' },
+      documentation: 'LegacyService Description',
+    },
+    {
+      title: 'LegacyService Title (with Tag)',
+      namedParams: { packageName: 'badge-maker', distTag: 'latest' },
+      staticPreview: { label: 'build', message: 'passing' },
+      documentation: 'LegacyService Description (with Tag)',
+    },
+  ]
+}
+
+const expected = {
+  openapi: '3.0.0',
+  info: { version: '1.0.0', title: 'build', license: { name: 'CC0' } },
+  servers: [{ url: 'https://img.shields.io' }],
+  components: {
+    parameters: {
+      style: {
+        name: 'style',
+        in: 'query',
+        required: false,
+        description:
+          'One of: flat (default), flat-square, plastic, for-the-badge, social',
+        schema: { type: 'string' },
+        example: 'flat',
+      },
+      logo: {
+        name: 'logo',
+        in: 'query',
+        required: false,
+        description:
+          'One of the named logos (bitcoin, dependabot, gitlab, npm, paypal, serverfault, stackexchange, superuser, telegram, travis) or simple-icons. All simple-icons are referenced using icon slugs. You can click the icon title on <a href="https://simpleicons.org/" rel="noopener noreferrer" target="_blank">simple-icons</a> to copy the slug or they can be found in the <a href="https://github.com/simple-icons/simple-icons/blob/master/slugs.md">slugs.md file</a> in the simple-icons repository.',
+        schema: { type: 'string' },
+        example: 'appveyor',
+      },
+      logoColor: {
+        name: 'logoColor',
+        in: 'query',
+        required: false,
+        description:
+          'The color of the logo (hex, rgb, rgba, hsl, hsla and css named colors supported). Supported for named logos and Shields logos but not for custom logos. For multicolor Shields logos, the corresponding named logo will be used and colored.',
+        schema: { type: 'string' },
+        example: 'violet',
+      },
+      label: {
+        name: 'label',
+        in: 'query',
+        required: false,
+        description:
+          'Override the default left-hand-side text (<a href="https://developer.mozilla.org/en-US/docs/Glossary/percent-encoding">URL-Encoding</a> needed for spaces or special characters!)',
+        schema: { type: 'string' },
+        example: 'healthiness',
+      },
+      labelColor: {
+        name: 'labelColor',
+        in: 'query',
+        required: false,
+        description:
+          'Background color of the left part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+        schema: { type: 'string' },
+        example: 'abcdef',
+      },
+      color: {
+        name: 'color',
+        in: 'query',
+        required: false,
+        description:
+          'Background color of the right part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+        schema: { type: 'string' },
+        example: 'fedcba',
+      },
+      cacheSeconds: {
+        name: 'cacheSeconds',
+        in: 'query',
+        required: false,
+        description:
+          'HTTP cache lifetime (rules are applied to infer a default value on a per-badge basis, any values specified below the default will be ignored).',
+        schema: { type: 'string' },
+        example: '3600',
+      },
+      link: {
+        name: 'link',
+        in: 'query',
+        required: false,
+        description:
+          'Specify what clicking on the left/right of a badge should do. Note that this only works when integrating your badge in an `<object>` HTML tag, but not an `<img>` tag or a markup language.',
+        style: 'form',
+        explode: true,
+        schema: { type: 'array', maxItems: 2, items: { type: 'string' } },
+      },
+    },
+  },
+  paths: {
+    '/openapi/service/{packageName}': {
+      get: {
+        summary: 'OpenApiService Summary',
+        description: 'OpenApiService Description',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![OpenApiService Summary]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: OpenApiService Summary',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[OpenApiService Summary]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="OpenApiService Summary" src="$url">',
+          },
+        ],
+      },
+    },
+    '/openapi/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'OpenApiService Summary (with Tag)',
+        description: 'OpenApiService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            description: 'distTag description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![OpenApiService Summary (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source:
+              '.. image:: $url\n:   alt: OpenApiService Summary (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[OpenApiService Summary (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="OpenApiService Summary (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+    '/legacy/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'LegacyService Title (with Tag)',
+        description: 'LegacyService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![LegacyService Title (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: LegacyService Title (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[LegacyService Title (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="LegacyService Title (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+    '/legacy/service/{packageName}': {
+      get: {
+        summary: 'LegacyService Title (with Tag)',
+        description: 'LegacyService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![LegacyService Title (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: LegacyService Title (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[LegacyService Title (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="LegacyService Title (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+  },
+}
+
+function clean(obj) {
+  // remove any undefined values in the object
+  return JSON.parse(JSON.stringify(obj))
+}
+
+describe('category2openapi', function () {
+  it('generates an Open API spec', function () {
+    expect(
+      clean(
+        category2openapi({ name: 'build' }, [
+          OpenApiService.getDefinition(),
+          LegacyService.getDefinition(),
+        ])
+      )
+    ).to.deep.equal(expected)
+  })
+})
--- a/core/base-service/service-definitions.js
+++ b/core/base-service/service-definitions.js
@@ -46,6 +46,28 @@ const serviceDefinition = Joi.object({
      })
    )
    .default([]),
+  openApi: Joi.object().pattern(
+    /./,
+    Joi.object({
+      get: Joi.object({
+        summary: Joi.string().required(),
+        description: Joi.string().required(),
+        parameters: Joi.array()
+          .items(
+            Joi.object({
+              name: Joi.string().required(),
+              description: Joi.string(),
+              in: Joi.string().valid('query', 'path').required(),
+              required: Joi.boolean().required(),
+              schema: Joi.object({ type: Joi.string().required() }).required(),
+              example: Joi.string(),
+            })
+          )
+          .min(1)
+          .required(),
+      }).required(),
+    }).required()
+  ),
 }).required()

 function assertValidServiceDefinition(example, message = undefined) {
--- a/core/server/server.js
+++ b/core/server/server.js
@@ -183,6 +183,7 @@ const privateConfigSchema = Joi.object({
  obs_user: Joi.string(),
  obs_pass: Joi.string(),
  redis_url: Joi.string().uri({ scheme: ['redis', 'rediss'] }),
+  postgres_url: Joi.string().uri({ scheme: 'postgresql' }),
  sentry_dsn: Joi.string(),
  sl_insight_userUuid: Joi.string(),
  sl_insight_apiToken: Joi.string(),
--- a/core/service-test-runner/infer-pull-request.js
+++ b/core/service-test-runner/infer-pull-request.js
@@ -1,102 +0,0 @@
-/**
- * @module
- */
-
-import { URL, format as urlFormat } from 'url'
-
-function formatSlug(owner, repo, pullRequest) {
-  return `${owner}/${repo}#${pullRequest}`
-}
-
-function parseGithubPullRequestUrl(url, options = {}) {
-  const { verifyBaseUrl } = options
-
-  const parsed = new URL(url)
-  const components = parsed.pathname.substr(1).split('/')
-  if (components[2] !== 'pull' || components.length !== 4) {
-    throw Error(`Invalid GitHub pull request URL: ${url}`)
-  }
-  const [owner, repo, , pullRequest] = components
-
-  parsed.pathname = ''
-  const baseUrl = urlFormat(parsed, {
-    auth: false,
-    fragment: false,
-    search: false,
-  }).replace(/\/$/, '')
-
-  if (verifyBaseUrl && baseUrl !== verifyBaseUrl) {
-    throw Error(`Expected base URL to be ${verifyBaseUrl} but got ${baseUrl}`)
-  }
-
-  return {
-    baseUrl,
-    owner,
-    repo,
-    pullRequest: +pullRequest,
-    slug: formatSlug(owner, repo, pullRequest),
-  }
-}
-
-function parseGithubRepoSlug(slug) {
-  const components = slug.split('/')
-  if (components.length !== 2) {
-    throw Error(`Invalid GitHub repo slug: ${slug}`)
-  }
-  const [owner, repo] = components
-  return { owner, repo }
-}
-
-function _inferPullRequestFromTravisEnv(env) {
-  const { owner, repo } = parseGithubRepoSlug(env.TRAVIS_REPO_SLUG)
-  const pullRequest = +env.TRAVIS_PULL_REQUEST
-  return {
-    owner,
-    repo,
-    pullRequest,
-    slug: formatSlug(owner, repo, pullRequest),
-  }
-}
-
-function _inferPullRequestFromCircleEnv(env) {
-  return parseGithubPullRequestUrl(
-    env.CI_PULL_REQUEST || env.CIRCLE_PULL_REQUEST
-  )
-}
-
-/**
- * When called inside a CI build, infer the details
- * of a pull request from the environment variables.
- *
- * @param {object} [env=process.env] Environment variables
- * @returns {module:core/service-test-runner/infer-pull-request~PullRequest}
- *    Pull Request
- */
-function inferPullRequest(env = process.env) {
-  if (env.TRAVIS) {
-    return _inferPullRequestFromTravisEnv(env)
-  } else if (env.CIRCLECI) {
-    return _inferPullRequestFromCircleEnv(env)
-  } else if (env.CI) {
-    throw Error(
-      'Unsupported CI system. Unable to obtain pull request information from the environment.'
-    )
-  } else {
-    throw Error(
-      'Unable to obtain pull request information from the environment. Is this running in CI?'
-    )
-  }
-}
-
-/**
- * Pull Request
- *
- * @typedef PullRequest
- * @property {string} pr.baseUrl (returned for travis CI only)
- * @property {string} owner
- * @property {string} repo
- * @property {string} pullRequest PR/issue number
- * @property {string} slug owner/repo/#pullRequest
- */
-
-export { parseGithubPullRequestUrl, parseGithubRepoSlug, inferPullRequest }
--- a/core/service-test-runner/infer-pull-request.spec.js
+++ b/core/service-test-runner/infer-pull-request.spec.js
@@ -1,48 +0,0 @@
-import { test, given, forCases } from 'sazerac'
-import {
-  parseGithubPullRequestUrl,
-  inferPullRequest,
-} from './infer-pull-request.js'
-
-describe('Pull request inference', function () {
-  test(parseGithubPullRequestUrl, () => {
-    forCases([
-      given('https://github.com/badges/shields/pull/1234'),
-      given('https://github.com/badges/shields/pull/1234', {
-        verifyBaseUrl: 'https://github.com',
-      }),
-    ]).expect({
-      baseUrl: 'https://github.com',
-      owner: 'badges',
-      repo: 'shields',
-      pullRequest: 1234,
-      slug: 'badges/shields#1234',
-    })
-
-    given('https://github.com/badges/shields/pull/1234', {
-      verifyBaseUrl: 'https://example.com',
-    }).expectError(
-      'Expected base URL to be https://example.com but got https://github.com'
-    )
-  })
-
-  test(inferPullRequest, () => {
-    const expected = {
-      owner: 'badges',
-      repo: 'shields',
-      pullRequest: 1234,
-      slug: 'badges/shields#1234',
-    }
-
-    given({
-      CIRCLECI: '1',
-      CI_PULL_REQUEST: 'https://github.com/badges/shields/pull/1234',
-    }).expect(Object.assign({ baseUrl: 'https://github.com' }, expected))
-
-    given({
-      TRAVIS: '1',
-      TRAVIS_REPO_SLUG: 'badges/shields',
-      TRAVIS_PULL_REQUEST: '1234',
-    }).expect(expected)
-  })
-})
--- a/core/service-test-runner/pull-request-services-cli.js
+++ b/core/service-test-runner/pull-request-services-cli.js
@@ -1,5 +1,5 @@
-// Infer the current PR from the Travis environment, and look for bracketed,
-// space-separated service names in the pull request title.
+// Derive a list of service tests to run based on
+// space-separated service names in the PR title.
 //
 // Output the list of services.
 //
@@ -8,54 +8,26 @@
 // Output:
 // travis
 // sonar
-//
-// Example:
-//
-// TRAVIS=1 TRAVIS_REPO_SLUG=badges/shields TRAVIS_PULL_REQUEST=1108 npm run test:services:pr:prepare

-import got from 'got'
-import { inferPullRequest } from './infer-pull-request.js'
 import servicesForTitle from './services-for-title.js'

-async function getTitle(owner, repo, pullRequest) {
-  const {
-    body: { title },
-  } = await got(
-    `https://api.github.com/repos/${owner}/${repo}/pulls/${pullRequest}`,
-    {
-      headers: {
-        'User-Agent': 'badges/shields',
-        Authorization: `token ${process.env.GITHUB_TOKEN}`,
-      },
-      responseType: 'json',
-    }
-  )
-  return title
+let title
+
+try {
+  if (process.argv.length < 3) {
+    throw new Error()
+  }
+  title = process.argv[2]
+} catch (e) {
+  console.error('Error processing arguments')
+  process.exit(1)
 }

-async function main() {
-  const { owner, repo, pullRequest, slug } = inferPullRequest()
-  console.error(`PR: ${slug}`)
-
-  const title = await getTitle(owner, repo, pullRequest)
-
-  console.error(`Title: ${title}\n`)
-  const services = servicesForTitle(title)
-  if (services.length === 0) {
-    console.error('No services found. Nothing to do.')
-  } else {
-    console.error(
-      `Services: (${services.length} found) ${services.join(', ')}\n`
-    )
-    console.log(services.join('\n'))
-  }
+console.error(`Title: ${title}\n`)
+const services = servicesForTitle(title)
+if (services.length === 0) {
+  console.error('No services found. Nothing to do.')
+} else {
+  console.error(`Services: (${services.length} found) ${services.join(', ')}\n`)
+  console.log(services.join('\n'))
 }
-
-;(async () => {
-  try {
-    await main()
-  } catch (e) {
-    console.error(e)
-    process.exit(1)
-  }
-})()
--- a/core/token-pooling/redis-token-persistence.integration.js
+++ b/core/token-pooling/redis-token-persistence.integration.js
@@ -84,7 +84,6 @@ describe('Redis token persistence', function () {
        const toRemove = expected.pop()

        await persistence.initialize()
-
        await persistence.noteTokenRemoved(toRemove)

        const savedTokens = await redis.smembers(key)
--- a/core/token-pooling/sql-token-persistence.integration.js
+++ b/core/token-pooling/sql-token-persistence.integration.js
@@ -0,0 +1,103 @@
+import pg from 'pg'
+import { expect } from 'chai'
+import configModule from 'config'
+import SqlTokenPersistence from './sql-token-persistence.js'
+
+const config = configModule.util.toObject()
+const postgresUrl = config?.private?.postgres_url
+const tableName = 'token_persistence_integration_test'
+
+describe('SQL token persistence', function () {
+  let pool
+  let persistence
+
+  before('Mock db connection and load app', async function () {
+    // Create a new pool with a connection limit of 1
+    pool = new pg.Pool({
+      connectionString: postgresUrl,
+
+      // Reuse the connection to make sure we always hit the same pg_temp schema
+      max: 1,
+
+      // Disable auto-disconnection of idle clients to make sure we always hit the same pg_temp schema
+      idleTimeoutMillis: 0,
+    })
+    persistence = new SqlTokenPersistence({
+      url: postgresUrl,
+      table: tableName,
+    })
+  })
+  after(async function () {
+    if (persistence) {
+      await persistence.stop()
+      persistence = undefined
+    }
+  })
+
+  beforeEach('Create temporary table', async function () {
+    await pool.query(
+      `CREATE TEMPORARY TABLE ${tableName} (LIKE github_user_tokens INCLUDING ALL);`
+    )
+  })
+  afterEach('Drop temporary table', async function () {
+    await pool.query(`DROP TABLE IF EXISTS pg_temp.${tableName};`)
+  })
+
+  context('when the key does not exist', function () {
+    it('does nothing', async function () {
+      const tokens = await persistence.initialize(pool)
+      expect(tokens).to.deep.equal([])
+    })
+  })
+
+  context('when the key exists', function () {
+    const initialTokens = ['a', 'b', 'c'].map(char => char.repeat(40))
+
+    beforeEach(async function () {
+      initialTokens.forEach(async token => {
+        await pool.query(
+          `INSERT INTO pg_temp.${tableName} (token) VALUES ($1::text);`,
+          [token]
+        )
+      })
+    })
+
+    it('loads the contents', async function () {
+      const tokens = await persistence.initialize(pool)
+      expect(tokens.sort()).to.deep.equal(initialTokens)
+    })
+
+    context('when tokens are added', function () {
+      it('saves the change', async function () {
+        const newToken = 'e'.repeat(40)
+        const expected = initialTokens.slice()
+        expected.push(newToken)
+
+        await persistence.initialize(pool)
+        await persistence.noteTokenAdded(newToken)
+
+        const result = await pool.query(
+          `SELECT token FROM pg_temp.${tableName};`
+        )
+        const savedTokens = result.rows.map(row => row.token)
+        expect(savedTokens.sort()).to.deep.equal(expected)
+      })
+    })
+
+    context('when tokens are removed', function () {
+      it('saves the change', async function () {
+        const expected = Array.from(initialTokens)
+        const toRemove = expected.pop()
+
+        await persistence.initialize(pool)
+        await persistence.noteTokenRemoved(toRemove)
+
+        const result = await pool.query(
+          `SELECT token FROM pg_temp.${tableName};`
+        )
+        const savedTokens = result.rows.map(row => row.token)
+        expect(savedTokens.sort()).to.deep.equal(expected)
+      })
+    })
+  })
+})
--- a/core/token-pooling/sql-token-persistence.js
+++ b/core/token-pooling/sql-token-persistence.js
@@ -0,0 +1,57 @@
+import pg from 'pg'
+import log from '../server/log.js'
+
+export default class SqlTokenPersistence {
+  constructor({ url, table }) {
+    this.url = url
+    this.table = table
+    this.noteTokenAdded = this.noteTokenAdded.bind(this)
+    this.noteTokenRemoved = this.noteTokenRemoved.bind(this)
+  }
+
+  async initialize(pool) {
+    if (pool) {
+      this.pool = pool
+    } else {
+      this.pool = new pg.Pool({ connectionString: this.url })
+    }
+    const result = await this.pool.query(`SELECT token FROM ${this.table};`)
+    return result.rows.map(row => row.token)
+  }
+
+  async stop() {
+    if (this.pool) {
+      await this.pool.end()
+    }
+  }
+
+  async onTokenAdded(token) {
+    return await this.pool.query(
+      `INSERT INTO ${this.table} (token) VALUES ($1::text) ON CONFLICT (token) DO NOTHING;`,
+      [token]
+    )
+  }
+
+  async onTokenRemoved(token) {
+    return await this.pool.query(
+      `DELETE FROM ${this.table} WHERE token=$1::text;`,
+      [token]
+    )
+  }
+
+  async noteTokenAdded(token) {
+    try {
+      await this.onTokenAdded(token)
+    } catch (e) {
+      log.error(e)
+    }
+  }
+
+  async noteTokenRemoved(token) {
+    try {
+      await this.onTokenRemoved(token)
+    } catch (e) {
+      log.error(e)
+    }
+  }
+}
--- a/doc/code-walkthrough.md
+++ b/doc/code-walkthrough.md
@@ -45,14 +45,14 @@ The tests are also divided into several parts:
 7.  [The service tests themselves][service tests] live integration tests of the
    services, and some mocked tests
    1.  `*.tester.js` in subfolders of [`services`][services]
-8.  Integration tests of Redis-backed persistence code
-    1.  [`core/token-pooling/redis-token-persistence.integration.js`][redis-token-persistence.integration]
+8.  Integration tests of PostgreSQL-backed persistence code
+    1.  [`core/token-pooling/sql-token-persistence.integration.js`][sql-token-persistence.integration]
 9.  Integration tests of the GitHub authorization code
    1.  [`services/github/github-api-provider.integration.js`][github-api-provider.integration]

 [service-test-runner]: https://github.com/badges/shields/tree/master/core/service-test-runner
 [service tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md
-[redis-token-persistence.integration]: https://github.com/badges/shields/blob/master/core/token-pooling/redis-token-persistence.integration.js
+[sql-token-persistence.integration]: https://github.com/badges/shields/blob/master/core/token-pooling/sql-token-persistence.integration.js
 [github-api-provider.integration]: https://github.com/badges/shields/blob/master/services/github/github-api-provider.integration.js

 Our goal is to reach 100% coverage of the code in the
--- a/doc/production-hosting.md
+++ b/doc/production-hosting.md
@@ -14,49 +14,41 @@ Production hosting is managed by the Shields ops team:
 [operations issues]: https://github.com/badges/shields/issues?q=is%3Aissue+is%3Aopen+label%3Aoperations
 [ops discord]: https://discordapp.com/channels/308323056592486420/480747695879749633

-| Component                     | Subcomponent                    | People with access                                              |
-| ----------------------------- | ------------------------------- | --------------------------------------------------------------- |
-| shields-io-production         | Full access                     | @calebcartwright, @chris48s, @paulmelnikow                      |
-| shields-io-production         | Access management               | @calebcartwright, @chris48s, @paulmelnikow                      |
-| Compose.io Redis              | Account owner                   | @paulmelnikow                                                   |
-| Compose.io Redis              | Account access                  | @paulmelnikow                                                   |
-| Compose.io Redis              | Database connection credentials | @calebcartwright, @chris48s, @paulmelnikow, @pyvesb             |
-| Raster server                 | Full access as team members     | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
-| shields-server.com redirector | Full access as team members     | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
-| Cloudflare (CDN)              | Account owner                   | @espadrine                                                      |
-| Cloudflare (CDN)              | Access management               | @espadrine                                                      |
-| Cloudflare (CDN)              | Admin access                    | @calebcartwright, @chris48s, @espadrine, @paulmelnikow, @PyvesB |
-| Twitch                        | OAuth app                       | @PyvesB                                                         |
-| Discord                       | OAuth app                       | @PyvesB                                                         |
-| YouTube                       | Account owner                   | @PyvesB                                                         |
-| GitLab                        | Account owner                   | @calebcartwright                                                |
-| GitLab                        | Account access                  | @calebcartwright, @chris48s, @paulmelnikow, @PyvesB             |
-| OpenStreetMap (for Wheelmap)  | Account owner                   | @paulmelnikow                                                   |
-| DNS                           | Account owner                   | @olivierlacan                                                   |
-| DNS                           | Read-only account access        | @espadrine, @paulmelnikow, @chris48s                            |
-| Sentry                        | Error reports                   | @espadrine, @paulmelnikow                                       |
-| Metrics server                | Owner                           | @platan                                                         |
-| UptimeRobot                   | Account owner                   | @paulmelnikow                                                   |
-| More metrics                  | Owner                           | @RedSparr0w                                                     |
+| Component                     | Subcomponent                | People with access                                              |
+| ----------------------------- | --------------------------- | --------------------------------------------------------------- |
+| shields-io-production         | Full access                 | @calebcartwright, @chris48s, @paulmelnikow                      |
+| shields-io-production         | Access management           | @calebcartwright, @chris48s, @paulmelnikow                      |
+| Raster server                 | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
+| shields-server.com redirector | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
+| Cloudflare (CDN)              | Account owner               | @espadrine                                                      |
+| Cloudflare (CDN)              | Access management           | @espadrine                                                      |
+| Cloudflare (CDN)              | Admin access                | @calebcartwright, @chris48s, @espadrine, @paulmelnikow, @PyvesB |
+| Twitch                        | OAuth app                   | @PyvesB                                                         |
+| Discord                       | OAuth app                   | @PyvesB                                                         |
+| YouTube                       | Account owner               | @PyvesB                                                         |
+| GitLab                        | Account owner               | @calebcartwright                                                |
+| GitLab                        | Account access              | @calebcartwright, @chris48s, @paulmelnikow, @PyvesB             |
+| OpenStreetMap (for Wheelmap)  | Account owner               | @paulmelnikow                                                   |
+| DNS                           | Account owner               | @olivierlacan                                                   |
+| DNS                           | Read-only account access    | @espadrine, @paulmelnikow, @chris48s                            |
+| Sentry                        | Error reports               | @espadrine, @paulmelnikow                                       |
+| Metrics server                | Owner                       | @platan                                                         |
+| UptimeRobot                   | Account owner               | @paulmelnikow                                                   |
+| More metrics                  | Owner                       | @RedSparr0w                                                     |

 ## Attached state

 Shields has mercifully little persistent state:

-1. The GitHub tokens we collect are saved on each server in a cloud Redis
-   database. They can also be fetched from the [GitHub auth admin endpoint][]
-   for debugging.
+1. The GitHub tokens we collect are stored in a fly.io postgres database
 2. The server keeps the [resource cache][] in memory. It is neither
   persisted nor inspectable.

-[github auth admin endpoint]: https://github.com/badges/shields/blob/master/services/github/auth/admin.js
 [resource cache]: https://github.com/badges/shields/blob/master/core/base-service/resource-cache.js

 ## Configuration

-To bootstrap the configuration process,
-[the script that starts the server][start-shields.sh] sets a single
-environment variable:
+To bootstrap the configuration of non-secret settings, we set a single environment variable:

 ```
 NODE_CONFIG_ENV=shields-io-production
@@ -71,7 +63,8 @@ files:
  contains non-secrets which are checked in to the main repo.
 - [`default.yml`][default.yml]. This file contains defaults.

-[start-shields.sh]: https://github.com/badges/ServerScript/blob/master/start-shields.sh#L7
+Secrets are supplied directly as environment vars.
+
 [config]: https://github.com/lorenwest/node-config/wiki/Configuration-Files
 [local-shields-io-production.yml]: ../config/local-shields-io-production.template.yml
 [shields-io-production.yml]: ../config/shields-io-production.yml
--- a/doc/releases.md
+++ b/doc/releases.md
@@ -45,11 +45,11 @@ We are happy to document and collate any self-hosting patterns/approaches that o
 We try to make it as easy as possible for users to self-host a Shields server so we publish a few releases of the server. Please be sure to refer to the [self hosting guide][self hosting] for a detailed walk through on how to spin up a server.

 - The server uses [Calendar Versioning](https://calver.org/). Tags of the form `server-YYYY-MM-DD` are server releases (these are the tags that are relevant to self-hosting users, e.g. [server-2021-02-01](https://github.com/badges/shields/releases/tag/server-2021-02-01)).
- As well as [tags on GitHub](https://github.com/badges/shields/tags), server releases are also pushed to [DockerHub](https://registry.hub.docker.com/r/shieldsio/shields/tags). See the self-hosting section on [Docker](https://github.com/badges/shields/blob/master/doc/self-hosting.md#Docker) for more details.
+- As well as [tags on GitHub](https://github.com/badges/shields/tags), server releases are also pushed to [DockerHub](https://registry.hub.docker.com/r/shieldsio/shields/tags) and [GitHub Container Registry](https://github.com/badges/shields/pkgs/container/shields/versions?filters%5Bversion_type%5D=tagged). See the self-hosting section on [Docker](https://github.com/badges/shields/blob/master/doc/self-hosting.md#Docker) for more details.
 - We publish release notes for server releases in the [CHANGELOG](https://github.com/badges/shields/blob/master/CHANGELOG.md). There may occasionally be non-backwards compatible changes to be aware of.
 - We will normally put out one release per month. If there is a security patch or major bugfix affecting self-hosting users, we may put out an out-of-sequence release.
 - Releases are just a snapshot in time. We advise always tracking the latest release to ensure you are up-to-date with the latest bug fixes and security updates. There are no 'patch' releases - we don't backport fixes to old releases. Tagged versions just provide a convenient way to apply upgrades in a controlled way or roll back to an older version if necessary and communicate about versions.
- You can stay on the bleeding edge by tracking the `master` branch for source installs or the `next` tag on DockerHub.
+- You can stay on the bleeding edge by tracking the `master` branch for source installs or the `next` tag on DockerHub/GHCR.

 [shields.io]: https://shields.io
 [npm package]: https://www.npmjs.com/package/badge-maker
--- a/doc/self-hosting.md
+++ b/doc/self-hosting.md
@@ -71,18 +71,30 @@ vercel

 ## Docker

-### DockerHub
+### Public Images

-We publish images to DockerHub at https://registry.hub.docker.com/r/shieldsio/shields
+We publish images to:

-The `next` tag is the latest build from `master`, or tagged releases are available
-https://registry.hub.docker.com/r/shieldsio/shields/tags
+- DockerHub at https://registry.hub.docker.com/r/shieldsio/shields and
+- GitHub Container Registry at https://github.com/badges/shields/pkgs/container/shields

-```console
+The `next` tag is the latest build from `master`, or tagged snapshot releases are available:
+
+- https://registry.hub.docker.com/r/shieldsio/shields/tags
+- https://github.com/badges/shields/pkgs/container/shields/versions?filters%5Bversion_type%5D=tagged
+
+```sh
+# DockerHub
 $ docker pull shieldsio/shields:next
 $ docker run shieldsio/shields:next
 ```

+```sh
+# GHCR
+$ docker pull ghcr.io/badges/shields:next
+$ docker pull ghcr.io/badges/shields:next
+```
+
 ### Building Docker Image Locally

 Alternatively, you can build and run the server locally using Docker. First build an image:
--- a/doc/server-secrets.md
+++ b/doc/server-secrets.md
@@ -125,11 +125,17 @@ Because of GitHub rate limits, you will need to provide a token, or else badges
 will stop working once you hit 60 requests per hour, the
 [unauthenticated rate limit][github rate limit].

-You can [create a personal access token][personal access tokens] through the
+You can [create a personal access token][personal access tokens] (PATs) through the
 GitHub website. When you create the token, you can choose to give read access
 to your repositories. If you do that, your self-hosted Shields installation
 will have access to your private repositories.

+For most users we recommend using a classic PAT as opposed to a [fine-grained PAT][fine-grained pat].
+It is possible to request a fairly large subset of the GitHub badge suite using a
+fine-grained PAT for authentication but there are also some badges that won't work.
+This is because some of our badges make use of GitHub's v4 GraphQL API and the
+GraphQL API only supports authentication with a classic PAT.
+
 When a `gh_token` is specified, it is used in place of the Shields token
 rotation logic.

@@ -139,6 +145,7 @@ token, though it's not required.

 [github rate limit]: https://developer.github.com/v3/#rate-limiting
 [personal access tokens]: https://github.com/settings/tokens
+[fine-grained pat]: https://github.blog/2022-10-18-introducing-fine-grained-personal-access-tokens-for-github/

 - `GH_CLIENT_ID` (yml: `private.gh_client_id`)
 - `GH_CLIENT_SECRET` (yml: `private.gh_client_secret`)
--- a/frontend/categories/.gitkeep
+++ b/frontend/categories/.gitkeep
--- a/frontend/components/search.tsx
+++ b/frontend/components/search.tsx
@@ -27,7 +27,6 @@ export default function Search({
      <form action="javascript:void 0" autoComplete="off">
        <BlockInput
          autoComplete="off"
-          autoFocus
          onChange={onQueryChanged}
          placeholder="search"
        />
--- a/frontend/components/usage.tsx
+++ b/frontend/components/usage.tsx
@@ -327,17 +327,18 @@ export default function Usage({ baseUrl }: { baseUrl: string }): JSX.Element {
          <QueryParam
            documentation={
              <span>
-                Insert one of the named logos from (<NamedLogos />) or{' '}
+                Insert one of the named logos from (<NamedLogos />) or
+                simple-icons. All simple-icons are referenced using icon slugs.
+                You can click the icon title on{' '}
                <a
                  href="https://simpleicons.org/"
                  rel="noopener noreferrer"
                  target="_blank"
                >
                  simple-icons
-                </a>
-                . Simple-icons are referenced using icon slugs which can be
-                found on the simple-icons site or in the{' '}
-                <a href="https://github.com/simple-icons/simple-icons/blob/develop/slugs.md">
+                </a>{' '}
+                to copy the slug or they can be found in the{' '}
+                <a href="https://github.com/simple-icons/simple-icons/blob/master/slugs.md">
                  slugs.md file
                </a>{' '}
                in the simple-icons repository.
--- a/migrations/1676731511125_initialize.cjs
+++ b/migrations/1676731511125_initialize.cjs
@@ -0,0 +1,14 @@
+/* eslint-disable camelcase */
+
+exports.shorthands = undefined
+
+exports.up = pgm => {
+  pgm.createTable('github_user_tokens', {
+    id: 'id',
+    token: { type: 'varchar(1000)', notNull: true, unique: true },
+  })
+}
+
+exports.down = pgm => {
+  pgm.dropTable('github_user_tokens')
+}
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -24,29 +24,29 @@
    "@fontsource/lato": "^4.5.10",
    "@fontsource/lekton": "^4.5.11",
    "@renovate/pep440": "^1.0.0",
-    "@renovatebot/ruby-semver": "^1.1.8",
-    "@sentry/node": "^7.30.0",
-    "@shields_io/camp": "^18.1.1",
+    "@renovatebot/ruby-semver": "^2.1.10",
+    "@sentry/node": "^7.47.0",
+    "@shields_io/camp": "^18.1.2",
    "badge-maker": "file:badge-maker",
    "bytes": "^3.1.2",
    "camelcase": "^7.0.1",
    "chalk": "^5.2.0",
    "check-node-version": "^4.2.1",
    "cloudflare-middleware": "^1.0.4",
-    "config": "^3.3.8",
+    "config": "^3.3.9",
    "cross-env": "^7.0.3",
    "dayjs": "^1.11.7",
    "decamelize": "^3.2.0",
    "emojic": "^1.1.17",
    "escape-string-regexp": "^4.0.0",
-    "fast-xml-parser": "^4.0.13",
-    "glob": "^8.0.3",
+    "fast-xml-parser": "^4.1.3",
+    "glob": "^9.3.4",
    "global-agent": "^3.0.0",
-    "got": "^12.5.3",
+    "got": "^12.6.0",
    "graphql": "^15.6.1",
    "graphql-tag": "^2.12.6",
-    "ioredis": "5.2.4",
-    "joi": "17.7.0",
+    "ioredis": "5.3.1",
+    "joi": "17.9.1",
    "joi-extension-semver": "5.0.0",
    "js-yaml": "^4.1.0",
    "jsonpath": "~1.1.1",
@@ -54,15 +54,17 @@
    "lodash.groupby": "^4.6.0",
    "lodash.times": "^4.3.2",
    "node-env-flag": "^0.1.0",
+    "node-pg-migrate": "^6.2.2",
    "parse-link-header": "^2.0.0",
    "path-to-regexp": "^6.2.1",
-    "pretty-bytes": "^6.0.0",
+    "pg": "^8.10.0",
+    "pretty-bytes": "^6.1.0",
    "priorityqueuejs": "^2.0.0",
-    "prom-client": "^14.1.1",
-    "qs": "^6.11.0",
+    "prom-client": "^14.2.0",
+    "qs": "^6.11.1",
    "query-string": "^8.1.0",
    "semver": "~7.3.8",
-    "simple-icons": "8.2.0",
+    "simple-icons": "8.9.0",
    "webextension-store-meta": "^1.0.5",
    "xmldom": "~0.6.0",
    "xpath": "~0.0.32"
@@ -117,7 +119,8 @@
    "e2e": "start-server-and-test start http://localhost:3000 test:e2e",
    "e2e-on-build": "cross-env CYPRESS_baseUrl=http://localhost:8080 start-server-and-test start:server:e2e-on-build http://localhost:8080 test:e2e",
    "badge": "cross-env NODE_CONFIG_ENV=test TRACE_SERVICES=true node scripts/badge-cli.js",
-    "build-docs": "rimraf api-docs/ && jsdoc --pedantic -c ./jsdoc.json . && echo 'contributing.shields.io' > api-docs/CNAME"
+    "build-docs": "rimraf api-docs/ && jsdoc --pedantic -c ./jsdoc.json . && echo 'contributing.shields.io' > api-docs/CNAME",
+    "migrate": "node scripts/write-migrations-config.js > migrations-config.json && node-pg-migrate --config-file=migrations-config.json"
  },
  "lint-staged": {
    "**/*.@(js|ts|tsx)": [
@@ -142,9 +145,9 @@
    ]
  },
  "devDependencies": {
-    "@babel/core": "^7.20.12",
+    "@babel/core": "^7.21.4",
    "@babel/polyfill": "^7.12.1",
-    "@babel/register": "7.18.9",
+    "@babel/register": "7.21.0",
    "@istanbuljs/schema": "^0.1.3",
    "@mapbox/react-click-to-select": "^2.2.1",
    "@types/chai": "^4.3.4",
@@ -156,11 +159,11 @@
    "@types/react-modal": "^3.13.1",
    "@types/react-select": "^4.0.17",
    "@types/styled-components": "5.1.26",
-    "@typescript-eslint/eslint-plugin": "^5.48.0",
-    "@typescript-eslint/parser": "^5.46.0",
-    "babel-plugin-inline-react-svg": "^2.0.1",
+    "@typescript-eslint/eslint-plugin": "^5.57.1",
+    "@typescript-eslint/parser": "^5.55.0",
+    "babel-plugin-inline-react-svg": "^2.0.2",
    "babel-preset-gatsby": "^2.22.0",
-    "c8": "^7.12.0",
+    "c8": "^7.13.0",
    "caller": "^1.1.0",
    "chai": "^4.3.7",
    "chai-as-promised": "^7.1.1",
@@ -168,28 +171,28 @@
    "chai-string": "^1.4.0",
    "child-process-promise": "^2.2.1",
    "clipboard-copy": "^4.0.1",
-    "concurrently": "^7.6.0",
-    "cypress": "^12.3.0",
+    "concurrently": "^8.0.1",
+    "cypress": "^12.9.0",
    "cypress-wait-for-stable-dom": "^0.1.0",
-    "danger": "^11.2.1",
-    "danger-plugin-no-test-shortcuts": "^2.0.0",
-    "deepmerge": "^4.2.2",
+    "danger": "^11.2.4",
+    "deepmerge": "^4.3.1",
    "eslint": "^7.32.0",
-    "eslint-config-prettier": "^8.6.0",
+    "eslint-config-prettier": "^8.8.0",
    "eslint-config-standard": "^16.0.3",
    "eslint-config-standard-jsx": "^10.0.0",
    "eslint-config-standard-react": "^11.0.1",
    "eslint-plugin-chai-friendly": "^0.7.2",
-    "eslint-plugin-cypress": "^2.12.1",
-    "eslint-plugin-import": "^2.27.4",
-    "eslint-plugin-jsdoc": "^39.6.4",
+    "eslint-plugin-cypress": "^2.13.2",
+    "eslint-plugin-icedfrisby": "^0.1.0",
+    "eslint-plugin-import": "^2.27.5",
+    "eslint-plugin-jsdoc": "^40.1.1",
    "eslint-plugin-mocha": "^10.1.0",
    "eslint-plugin-no-extension-in-require": "^0.2.0",
    "eslint-plugin-node": "^11.1.0",
    "eslint-plugin-promise": "^5.2.0",
-    "eslint-plugin-react": "^7.32.0",
+    "eslint-plugin-react": "^7.32.2",
    "eslint-plugin-react-hooks": "^4.6.0",
-    "eslint-plugin-sort-class-members": "^1.16.0",
+    "eslint-plugin-sort-class-members": "^1.17.0",
    "fetch-ponyfill": "^7.1.0",
    "form-data": "^4.0.0",
    "gatsby": "4.23.1",
@@ -204,22 +207,22 @@
    "icedfrisby-nock": "^2.1.0",
    "is-svg": "^4.3.2",
    "js-yaml-loader": "^1.2.2",
-    "jsdoc": "^4.0.0",
-    "lint-staged": "^13.1.0",
+    "jsdoc": "^4.0.2",
+    "lint-staged": "^13.2.1",
    "lodash.debounce": "^4.0.8",
    "lodash.difference": "^4.5.0",
-    "minimist": "^1.2.7",
+    "minimist": "^1.2.8",
    "mocha": "^10.2.0",
    "mocha-env-reporter": "^4.0.0",
    "mocha-junit-reporter": "^2.2.0",
    "mocha-yaml-loader": "^1.0.3",
    "nock": "13.3.0",
-    "node-mocks-http": "^1.12.1",
-    "nodemon": "^2.0.20",
+    "node-mocks-http": "^1.12.2",
+    "nodemon": "^2.0.22",
    "npm-run-all": "^4.1.5",
-    "open-cli": "^7.1.0",
+    "open-cli": "^7.2.0",
    "portfinder": "^1.0.32",
-    "prettier": "2.8.2",
+    "prettier": "2.8.7",
    "react": "^17.0.2",
    "react-dom": "^17.0.2",
    "react-error-overlay": "^6.0.11",
@@ -229,17 +232,17 @@
    "react-select": "^4.3.1",
    "read-all-stdin-sync": "^1.0.5",
    "redis-server": "^1.2.2",
-    "rimraf": "^4.0.4",
+    "rimraf": "^4.4.1",
    "sazerac": "^2.0.0",
    "simple-git-hooks": "^2.8.1",
-    "sinon": "^15.0.1",
+    "sinon": "^15.0.3",
    "sinon-chai": "^3.7.0",
    "snap-shot-it": "^7.9.10",
-    "start-server-and-test": "1.15.2",
-    "styled-components": "^5.3.6",
+    "start-server-and-test": "2.0.0",
+    "styled-components": "^5.3.9",
    "ts-mocha": "^10.0.0",
-    "tsd": "^0.25.0",
-    "typescript": "^4.9.4",
+    "tsd": "^0.28.1",
+    "typescript": "^5.0.3",
    "url": "^0.11.0"
  },
  "engines": {
--- a/scripts/export-openapi-cli.js
+++ b/scripts/export-openapi-cli.js
@@ -0,0 +1,49 @@
+import fs from 'fs'
+import path from 'path'
+import yaml from 'js-yaml'
+import { collectDefinitions } from '../core/base-service/loader.js'
+import { category2openapi } from '../core/base-service/openapi.js'
+
+const specsPath = path.join('frontend', 'categories')
+
+function writeSpec(filename, spec) {
+  // Omit undefined
+  // https://github.com/nodeca/js-yaml/issues/356#issuecomment-312430599
+  const cleaned = JSON.parse(JSON.stringify(spec))
+
+  fs.writeFileSync(
+    filename,
+    yaml.dump(cleaned, { flowLevel: 5, forceQuotes: true })
+  )
+}
+
+;(async () => {
+  const definitions = await collectDefinitions()
+
+  for (const category of definitions.categories) {
+    const services = definitions.services.filter(
+      service => service.category === category.id && !service.isDeprecated
+    )
+
+    writeSpec(
+      path.join(specsPath, `${category.id}.yaml`),
+      category2openapi(category, services)
+    )
+  }
+
+  let coreServices = []
+  coreServices = coreServices.concat(
+    definitions.services.filter(
+      service => service.category === 'static' && !service.isDeprecated
+    )
+  )
+  coreServices = coreServices.concat(
+    definitions.services.filter(
+      service => service.category === 'dynamic' && !service.isDeprecated
+    )
+  )
+  writeSpec(
+    path.join(specsPath, '1core.yaml'),
+    category2openapi({ name: 'Core' }, coreServices)
+  )
+})()
--- a/scripts/export-service-definitions-cli.js
+++ b/scripts/export-service-definitions-cli.js
@@ -3,6 +3,19 @@ import { collectDefinitions } from '../core/base-service/loader.js'
 ;(async () => {
  const definitions = await collectDefinitions()

+  // filter out static, dynamic and debug badge examples
+  const publicCategories = definitions.categories.map(c => c.id)
+  definitions.services = definitions.services.filter(s =>
+    publicCategories.includes(s.category)
+  )
+
+  // drop the openApi property for the "legacy" frontend
+  for (const service of definitions.services) {
+    if (service.openApi) {
+      service.openApi = undefined
+    }
+  }
+
  // Omit undefined
  // https://github.com/nodeca/js-yaml/issues/356#issuecomment-312430599
  const cleaned = JSON.parse(JSON.stringify(definitions))
--- a/scripts/mocha2md.js
+++ b/scripts/mocha2md.js
@@ -20,13 +20,17 @@ if (data.stats.passes > 0) {
  process.stdout.write(`✔ ${data.stats.passes} passed\n`)
 }
 if (data.stats.failures > 0) {
-  process.stdout.write(`✖ ${data.stats.failures} failed\n\n`)
+  process.stdout.write(`✖ ${data.stats.failures} failed\n`)
 }
+if (data.stats.pending > 0) {
+  process.stdout.write(`● ${data.stats.pending} pending\n`)
+}
+process.stdout.write('\n')

 if (data.stats.failures > 0) {
-  for (const test of data.tests) {
+  process.stdout.write('## Failures\n\n')
+  for (const test of data.failures) {
    if (test.err && Object.keys(test.err).length > 0) {
-      process.stdout.write(`### ${test.title}\n\n`)
      process.stdout.write(`${test.fullTitle}\n\n`)
      process.stdout.write('```\n')
      process.stdout.write(`${test.err.stack}\n`)
@@ -34,3 +38,10 @@ if (data.stats.failures > 0) {
    }
  }
 }
+
+if (data.stats.pending > 0) {
+  process.stdout.write('## Pending\n\n')
+  for (const test of data.pending) {
+    process.stdout.write(`${test.fullTitle}\n\n`)
+  }
+}
--- a/scripts/write-migrations-config.js
+++ b/scripts/write-migrations-config.js
@@ -0,0 +1,11 @@
+import configModule from 'config'
+const config = configModule.util.toObject()
+
+const postgresUrl = config?.private?.postgres_url
+
+if (!postgresUrl) {
+  process.exit(1)
+}
+
+process.stdout.write(JSON.stringify({ url: postgresUrl }))
+process.exit(0)
--- a/server.js
+++ b/server.js
@@ -42,6 +42,15 @@ if (fs.existsSync('.env')) {
  process.exit(1)
 }

+if (config.private.redis_url != null) {
+  console.warn(
+    'RedisTokenPersistence is deprecated for token pooling and will be removed in a future release. Migrate to SqlTokenPersistence'
+  )
+  console.warn(
+    'See https://github.com/badges/shields/blob/master/CHANGELOG.md#server-2023-03-01 for more info'
+  )
+}
+
 const legacySecretsPath = path.join(
  path.dirname(fileURLToPath(import.meta.url)),
  'private',
--- a/services/crates/crates-version.service.js
+++ b/services/crates/crates-version.service.js
@@ -19,12 +19,14 @@ export default class CratesVersion extends BaseCratesService {
    if (json.errors) {
      throw new InvalidResponse({ prettyMessage: json.errors[0].detail })
    }
-    return { version: json.version ? json.version.num : json.crate.max_version }
+    return json.crate.max_stable_version
+      ? json.crate.max_stable_version
+      : json.crate.max_version
  }

  async handle({ crate }) {
    const json = await this.fetch({ crate })
-    const { version } = this.transform(json)
+    const version = this.transform(json)
    return renderVersionBadge({ version })
  }
 }
--- a/services/crates/crates-version.spec.js
+++ b/services/crates/crates-version.spec.js
@@ -5,8 +5,10 @@ import CratesVersion from './crates-version.service.js'

 describe('CratesVersion', function () {
  test(CratesVersion.prototype.transform, () => {
-    given({ version: { num: '1.0.0' } }).expect({ version: '1.0.0' })
-    given({ crate: { max_version: '1.1.0' } }).expect({ version: '1.1.0' })
+    given({ crate: { max_version: '1.1.0' } }).expect('1.1.0')
+    given({
+      crate: { max_stable_version: '1.1.0', max_version: '1.9.0-alpha' },
+    }).expect('1.1.0')
  })

  it('throws InvalidResponse on error response', function () {
--- a/services/ctan/ctan.service.js
+++ b/services/ctan/ctan.service.js
@@ -1,12 +1,13 @@
 import Joi from 'joi'
 import { renderLicenseBadge } from '../licenses.js'
 import { renderVersionBadge } from '../version.js'
-import { BaseJsonService } from '../index.js'
+import { BaseJsonService, InvalidResponse } from '../index.js'

 const schema = Joi.object({
  license: Joi.array().items(Joi.string()).single(),
  version: Joi.object({
-    number: Joi.string().required(),
+    number: Joi.string().allow('').required(),
+    date: Joi.string().allow('').required(),
  }).required(),
 }).required()

@@ -14,7 +15,7 @@ class BaseCtanService extends BaseJsonService {
  static defaultBadgeData = { label: 'ctan' }

  async fetch({ library }) {
-    const url = `http://www.ctan.org/json/pkg/${library}`
+    const url = `https://www.ctan.org/json/2.0/pkg/${library}`
    return this._requestJson({
      schema,
      url,
@@ -67,7 +68,22 @@ class CtanVersion extends BaseCtanService {

  async handle({ library }) {
    const json = await this.fetch({ library })
-    return renderVersionBadge({ version: json.version.number })
+    const version = json.version.number
+    if (version !== '') {
+      return renderVersionBadge({ version })
+    } else {
+      const date = json.version.date
+      if (date !== '') {
+        return renderVersionBadge({
+          version: date,
+          versionFormatter: color => 'blue',
+        })
+      } else {
+        return new InvalidResponse({
+          underlyingError: new Error('Both number and date are empty'),
+        })
+      }
+    }
  }
 }

--- a/services/ctan/ctan.tester.js
+++ b/services/ctan/ctan.tester.js
@@ -1,5 +1,13 @@
+import Joi from 'joi'
 import { ServiceTester } from '../tester.js'
-import { isVPlusDottedVersionAtLeastOne } from '../test-validators.js'
+import { withRegex } from '../test-validators.js'
+
+// same as isVPlusDottedVersionAtLeastOne, but also accepts an optional
+// single lowercase alphabet letter suffix
+// e.g.: v1.81a
+const isVPlusDottedVersionAtLeastOneWithOptionalAlphabetLetter = withRegex(
+  /^v\d+(\.\d+)?(\.\d+)?[a-z]?$/
+)

 export const t = new ServiceTester({
  id: 'ctan',
@@ -14,11 +22,12 @@ t.create('license').get('/l/novel.json').expectBadge({
 t.create('license missing')
  .get('/l/novel.json')
  .intercept(nock =>
-    nock('http://www.ctan.org')
-      .get('/json/pkg/novel')
+    nock('https://www.ctan.org')
+      .get('/json/2.0/pkg/novel')
      .reply(200, {
        version: {
          number: 'notRelevant',
+          date: 'notRelevant',
        },
      })
  )
@@ -30,12 +39,13 @@ t.create('license missing')
 t.create('single license')
  .get('/l/tex.json')
  .intercept(nock =>
-    nock('http://www.ctan.org')
-      .get('/json/pkg/tex')
+    nock('https://www.ctan.org')
+      .get('/json/2.0/pkg/tex')
      .reply(200, {
        license: 'knuth',
        version: {
          number: 'notRelevant',
+          date: 'notRelevant',
        },
      })
  )
@@ -46,17 +56,18 @@ t.create('single license')

 t.create('version').get('/v/novel.json').expectBadge({
  label: 'ctan',
-  message: isVPlusDottedVersionAtLeastOne,
+  message: isVPlusDottedVersionAtLeastOneWithOptionalAlphabetLetter,
 })

 t.create('version')
  .get('/v/novel.json')
  .intercept(nock =>
-    nock('http://www.ctan.org')
-      .get('/json/pkg/novel')
+    nock('https://www.ctan.org')
+      .get('/json/2.0/pkg/novel')
      .reply(200, {
        version: {
          number: 'v1.11',
+          date: '',
        },
      })
  )
@@ -65,3 +76,9 @@ t.create('version')
    message: 'v1.11',
    color: 'blue',
  })
+
+t.create('date as version').get('/v/l3kernel.json').expectBadge({
+  label: 'ctan',
+  message: Joi.date().iso(),
+  color: 'blue',
+})
--- a/services/dynamic/dynamic-json.service.js
+++ b/services/dynamic/dynamic-json.service.js
@@ -6,6 +6,53 @@ import jsonPath from './json-path.js'
 export default class DynamicJson extends jsonPath(BaseJsonService) {
  static enabledMetrics = [MetricNames.SERVICE_RESPONSE_SIZE]
  static route = createRoute('json')
+  static openApi = {
+    '/badge/dynamic/json': {
+      get: {
+        summary: 'Dynamic JSON Badge',
+        description: `<p>
+          The Dynamic JSON Badge allows you to extract an arbitrary value from any
+          JSON Document using a JSONPath selector and show it on a badge.
+        </p>`,
+        parameters: [
+          {
+            name: 'url',
+            description: 'The URL to a JSON document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example:
+              'https://github.com/badges/shields/raw/master/package.json',
+          },
+          {
+            name: 'query',
+            description:
+              'A <a href="https://jsonpath.com/">JSONPath</a> expression that will be used to query the document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example: '$.name',
+          },
+          {
+            name: 'prefix',
+            description: 'Optional prefix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: '[',
+          },
+          {
+            name: 'suffix',
+            description: 'Optional suffix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: ']',
+          },
+        ],
+      },
+    },
+  }

  async fetch({ schema, url, errorMessages }) {
    return this._requestJson({
--- a/services/dynamic/dynamic-json.tester.js
+++ b/services/dynamic/dynamic-json.tester.js
@@ -27,7 +27,7 @@ t.create('Malformed url')
  )
  .expectBadge({
    label: 'Package Name',
-    message: 'inaccessible',
+    message: 'invalid',
    color: 'lightgrey',
  })

--- a/services/dynamic/dynamic-xml.service.js
+++ b/services/dynamic/dynamic-xml.service.js
@@ -15,6 +15,53 @@ export default class DynamicXml extends BaseService {
  static category = 'dynamic'
  static enabledMetrics = [MetricNames.SERVICE_RESPONSE_SIZE]
  static route = createRoute('xml')
+  static openApi = {
+    '/badge/dynamic/xml': {
+      get: {
+        summary: 'Dynamic XML Badge',
+        description: `<p>
+          The Dynamic XML Badge allows you to extract an arbitrary value from any
+          XML Document using an XPath selector and show it on a badge.
+        </p>`,
+        parameters: [
+          {
+            name: 'url',
+            description: 'The URL to a XML document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example: 'https://httpbin.org/xml',
+          },
+          {
+            name: 'query',
+            description:
+              'A <a href="http://xpather.com/">XPath</a> expression that will be used to query the document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example: '//slideshow/slide[1]/title',
+          },
+          {
+            name: 'prefix',
+            description: 'Optional prefix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: '[',
+          },
+          {
+            name: 'suffix',
+            description: 'Optional suffix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: ']',
+          },
+        ],
+      },
+    },
+  }
+
  static defaultBadgeData = { label: 'custom badge' }

  transform({ pathExpression, buffer }) {
--- a/services/dynamic/dynamic-yaml.service.js
+++ b/services/dynamic/dynamic-yaml.service.js
@@ -6,6 +6,53 @@ import jsonPath from './json-path.js'
 export default class DynamicYaml extends jsonPath(BaseYamlService) {
  static enabledMetrics = [MetricNames.SERVICE_RESPONSE_SIZE]
  static route = createRoute('yaml')
+  static openApi = {
+    '/badge/dynamic/yaml': {
+      get: {
+        summary: 'Dynamic YAML Badge',
+        description: `<p>
+          The Dynamic YAML Badge allows you to extract an arbitrary value from any
+          YAML Document using a JSONPath selector and show it on a badge.
+        </p>`,
+        parameters: [
+          {
+            name: 'url',
+            description: 'The URL to a YAML document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example:
+              'https://raw.githubusercontent.com/badges/shields/master/.github/dependabot.yml',
+          },
+          {
+            name: 'query',
+            description:
+              'A <a href="https://jsonpath.com/">JSONPath</a> expression that will be used to query the document',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example: '$.version',
+          },
+          {
+            name: 'prefix',
+            description: 'Optional prefix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: '[',
+          },
+          {
+            name: 'suffix',
+            description: 'Optional suffix to append to the value',
+            in: 'query',
+            required: false,
+            schema: { type: 'string' },
+            example: ']',
+          },
+        ],
+      },
+    },
+  }

  async fetch({ schema, url, errorMessages }) {
    return this._requestYaml({
--- a/services/endpoint/endpoint.service.js
+++ b/services/endpoint/endpoint.service.js
@@ -11,14 +11,144 @@ const queryParamSchema = Joi.object({
  url: optionalUrl.required(),
 }).required()

+const description = `<p>
+  Using the endpoint badge, you can provide content for a badge through
+  a JSON endpoint. The content can be prerendered, or generated on the
+  fly. To strike a balance between responsiveness and bandwidth
+  utilization on one hand, and freshness on the other, cache behavior is
+  configurable, subject to the Shields minimum. The endpoint URL is
+  provided to Shields through the query string. Shields fetches it and
+  formats the badge.
+</p>
+<p>
+  The endpoint badge takes a single required query param: <code>url</code>, which is the URL to your JSON endpoint
+</p>
+<div>
+  <h2>Example JSON Endpoint Response</h2>
+  <code>&#123; "schemaVersion": 1, "label": "hello", "message": "sweet world", "color": "orange" &#125;</code>
+  <h2>Example Shields Response</h2>
+  <img src="https://img.shields.io/badge/hello-sweet_world-orange" />
+</div>
+<div>
+  <h2>Schema</h2>
+  <table>
+    <tbody>
+      <tr>
+        <th>Property</th>
+        <th>Description</th>
+      </tr>
+      <tr>
+        <td><code>schemaVersion</code></td>
+        <td>Required. Always the number <code>1</code>.</td>
+      </tr>
+      <tr>
+        <td><code>label</code></td>
+        <td>
+          Required. The left text, or the empty string to omit the left side of
+          the badge. This can be overridden by the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>message</code></td>
+        <td>Required. Can't be empty. The right text.</td>
+      </tr>
+      <tr>
+        <td><code>color</code></td>
+        <td>
+          Default: <code>lightgrey</code>. The right color. Supports the eight
+          named colors above, as well as hex, rgb, rgba, hsl, hsla and css named
+          colors. This can be overridden by the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>labelColor</code></td>
+        <td>
+          Default: <code>grey</code>. The left color. This can be overridden by
+          the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>isError</code></td>
+        <td>
+          Default: <code>false</code>. <code>true</code> to treat this as an
+          error badge. This prevents the user from overriding the color. In the
+          future, it may affect cache behavior.
+        </td>
+      </tr>
+      <tr>
+        <td><code>namedLogo</code></td>
+        <td>
+          Default: none. One of the named logos supported by Shields or
+          <a href="https://simpleicons.org/">simple-icons</a>. Can be overridden
+          by the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>logoSvg</code></td>
+        <td>Default: none. An SVG string containing a custom logo.</td>
+      </tr>
+      <tr>
+        <td><code>logoColor</code></td>
+        <td>
+          Default: none. Same meaning as the query string. Can be overridden by
+          the query string. Only works for named logos and Shields logos. If you
+          override the color of a multicolor Shield logo, the corresponding
+          named logo will be used and colored.
+        </td>
+      </tr>
+      <tr>
+        <td><code>logoWidth</code></td>
+        <td>
+          Default: none. Same meaning as the query string. Can be overridden by
+          the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>logoPosition</code></td>
+        <td>
+          Default: none. Same meaning as the query string. Can be overridden by
+          the query string.
+        </td>
+      </tr>
+      <tr>
+        <td><code>style</code></td>
+        <td>
+          Default: <code>flat</code>. The default template to use. Can be
+          overridden by the query string.
+        </td>
+      </tr>
+    </tbody>
+  </table>
+</div>`
+
 export default class Endpoint extends BaseJsonService {
  static category = 'dynamic'
+
  static route = {
    base: 'endpoint',
    pattern: '',
    queryParamSchema,
  }

+  static openApi = {
+    '/endpoint': {
+      get: {
+        summary: 'Endpoint Badge',
+        description,
+        parameters: [
+          {
+            name: 'url',
+            description: 'The URL to your JSON endpoint',
+            in: 'query',
+            required: true,
+            schema: { type: 'string' },
+            example: 'https://shields.redsparr0w.com/2473/monday',
+          },
+        ],
+      },
+    },
+  }
+
  static _cacheLength = 300
  static defaultBadgeData = { label: 'custom badge' }

--- a/services/endpoint/endpoint.tester.js
+++ b/services/endpoint/endpoint.tester.js
@@ -1,6 +1,6 @@
 import zlib from 'zlib'
 import { expect } from 'chai'
-import { getShieldsIcon } from '../../lib/logos.js'
+import { getShieldsIcon, getSimpleIcon } from '../../lib/logos.js'
 import { createServiceTester } from '../tester.js'
 export const t = await createServiceTester()

@@ -73,13 +73,13 @@ t.create('named logo with color')
      schemaVersion: 1,
      label: 'hey',
      message: 'yo',
-      namedLogo: 'npm',
+      namedLogo: 'github',
      logoColor: 'blue',
    })
  )
  .after((err, res, body) => {
    expect(err).not.to.be.ok
-    expect(body).to.include(getShieldsIcon({ name: 'npm', color: 'blue' }))
+    expect(body).to.include(getSimpleIcon({ name: 'github', color: 'blue' }))
  })

 const logoSvg = Buffer.from(
--- a/services/github/gist/github-gist-last-commit-redirect.tester.js
+++ b/services/github/gist/github-gist-last-commit-redirect.tester.js
@@ -1,6 +1,7 @@
 import { ServiceTester } from '../../tester.js'
+
 export const t = new ServiceTester({
-  id: 'GithubGistLastCommitRedirect',
+  id: 'GistLastCommitRedirect',
  title: 'Github Gist Last Commit Redirect',
  pathPrefix: '/github-gist',
 })
--- a/services/github/gist/github-gist-last-commit.service.js
+++ b/services/github/gist/github-gist-last-commit.service.js
@@ -8,7 +8,7 @@ const schema = Joi.object({
  updated_at: Joi.string().required(),
 }).required()

-export default class GithubGistLastCommit extends GithubAuthV3Service {
+export default class GistLastCommit extends GithubAuthV3Service {
  static category = 'activity'
  static route = { base: 'github/gist/last-commit', pattern: ':gistId' }
  static examples = [
--- a/services/github/gist/github-gist-stars-redirect.tester.js
+++ b/services/github/gist/github-gist-stars-redirect.tester.js
@@ -1,6 +1,6 @@
 import { ServiceTester } from '../../tester.js'
 export const t = new ServiceTester({
-  id: 'GithubGistStarsRedirect',
+  id: 'GistStarsRedirect',
  title: 'Github Gist Stars Redirect',
  pathPrefix: '/github',
 })
--- a/services/github/gist/github-gist-stars.service.js
+++ b/services/github/gist/github-gist-stars.service.js
@@ -24,7 +24,7 @@ const documentation = `${commonDocumentation}
 <p>This badge shows the number of stargazers for a gist. Gist id is accepted as input and 'gist not found' is returned if the gist is not found for the given gist id.
 </p>`

-export default class GithubGistStars extends GithubAuthV4Service {
+export default class GistStars extends GithubAuthV4Service {
  static category = 'social'

  static route = {
--- a/services/github/github-constellation.js
+++ b/services/github/github-constellation.js
@@ -1,5 +1,6 @@
 import { AuthHelper } from '../../core/base-service/auth-helper.js'
 import RedisTokenPersistence from '../../core/token-pooling/redis-token-persistence.js'
+import SqlTokenPersistence from '../../core/token-pooling/sql-token-persistence.js'
 import log from '../../core/server/log.js'
 import GithubApiProvider from './github-api-provider.js'
 import { setRoutes as setAcceptorRoutes } from './auth/acceptor.js'
@@ -23,8 +24,18 @@ class GithubConstellation {
    this._debugEnabled = config.service.debug.enabled
    this._debugIntervalSeconds = config.service.debug.intervalSeconds

-    const { redis_url: redisUrl, gh_token: globalToken } = config.private
-    if (redisUrl) {
+    const {
+      postgres_url: pgUrl,
+      redis_url: redisUrl,
+      gh_token: globalToken,
+    } = config.private
+    if (pgUrl) {
+      log.log('Token persistence configured with dbUrl')
+      this.persistence = new SqlTokenPersistence({
+        url: pgUrl,
+        table: 'github_user_tokens',
+      })
+    } else if (redisUrl) {
      log.log('Token persistence configured with redisUrl')
      this.persistence = new RedisTokenPersistence({
        url: redisUrl,
--- a/services/github/github-hacktoberfest.service.js
+++ b/services/github/github-hacktoberfest.service.js
@@ -18,7 +18,6 @@ const documentation = `
    badge can be added to the project readme to encourage potential
    contributors to review the suggested issues and to celebrate the
    contributions that have already been made.
-
    The badge displays three pieces of information:
    <ul>
      <li>
@@ -33,7 +32,6 @@ const documentation = `
      </li>
      <li>The number of days left of October.</li>
    </ul>
-
  </p>

  ${githubDocumentation}
--- a/services/github/github-size.service.js
+++ b/services/github/github-size.service.js
@@ -21,7 +21,7 @@ export default class GithubSize extends GithubAuthV3Service {

  static route = {
    base: 'github/size',
-    pattern: ':user/:repo/:path*',
+    pattern: ':user/:repo/:path+',
    queryParamSchema,
  }

--- a/services/jenkins/jenkins-coverage-redirector.service.js
+++ b/services/jenkins/jenkins-coverage-redirector.service.js
@@ -30,4 +30,13 @@ export default [
    dateAdded: new Date('2019-11-29'),
    ...commonProps,
  }),
+  redirector({
+    route: {
+      base: 'jenkins/coverage/api',
+      pattern: '',
+    },
+    category: 'coverage',
+    transformPath: () => '/jenkins/coverage/apiv1',
+    dateAdded: new Date('2023-03-21'),
+  }),
 ]
--- a/services/jenkins/jenkins-coverage-redirector.tester.js
+++ b/services/jenkins/jenkins-coverage-redirector.tester.js
@@ -53,3 +53,11 @@ t.create('api prefix + job url in path')
      'https://jenkins.library.illinois.edu/job/OpenSourceProjects/job/Speedwagon/job/master'
    )}`
  )
+
+t.create('old v1 api prefix to new prefix')
+  .get(
+    '/coverage/api.svg?jobUrl=http://loneraver.duckdns.org:8082/job/github/job/VisVid/job/master'
+  )
+  .expectRedirect(
+    '/jenkins/coverage/apiv1.svg?jobUrl=http://loneraver.duckdns.org:8082/job/github/job/VisVid/job/master'
+  )
--- a/services/jenkins/jenkins-coverage.service.js
+++ b/services/jenkins/jenkins-coverage.service.js
@@ -42,7 +42,7 @@ const formatMap = {
    },
    pluginSpecificPath: 'cobertura',
  },
-  api: {
+  apiv1: {
    schema: Joi.object({
      results: Joi.object({
        elements: Joi.array()
@@ -66,6 +66,25 @@ const formatMap = {
    },
    pluginSpecificPath: 'coverage/result',
  },
+  apiv4: {
+    schema: Joi.object({
+      projectStatistics: Joi.object({
+        line: Joi.string()
+          .pattern(/\d+\.\d+%/)
+          .required(),
+      }).required(),
+    }).required(),
+    treeQueryParam: 'projectStatistics[line]',
+    transform: json => {
+      const lineCoverageStr = json.projectStatistics.line
+      const lineCoverage = lineCoverageStr.substring(
+        0,
+        lineCoverageStr.length - 1
+      )
+      return { coverage: Number.parseFloat(lineCoverage) }
+    },
+    pluginSpecificPath: 'coverage',
+  },
 }

 const documentation = `
@@ -74,7 +93,7 @@ const documentation = `
  <ul>
    <li><a href="https://plugins.jenkins.io/jacoco">JaCoCo</a></li>
    <li><a href="https://plugins.jenkins.io/cobertura">Cobertura</a></li>
-    <li>Any plugin which integrates with the <a href="https://plugins.jenkins.io/code-coverage-api">Code Coverage API</a> (e.g. llvm-cov, Cobertura 1.13+, etc.)</li>
+    <li>Any plugin which integrates with version 1 or 4+ of the <a href="https://plugins.jenkins.io/code-coverage-api">Code Coverage API</a> (e.g. llvm-cov, Cobertura 1.13+, etc.)</li>
  </ul>
 </p>
 `
@@ -84,7 +103,7 @@ export default class JenkinsCoverage extends JenkinsBase {

  static route = {
    base: 'jenkins/coverage',
-    pattern: ':format(jacoco|cobertura|api)',
+    pattern: ':format(jacoco|cobertura|apiv1|apiv4)',
    queryParamSchema,
  }

--- a/services/jenkins/jenkins-coverage.tester.js
+++ b/services/jenkins/jenkins-coverage.tester.js
@@ -31,14 +31,49 @@ t.create('cobertura: job found')
  )
  .expectBadge({ label: 'coverage', message: isIntegerPercentage })

-t.create('code coverage API: job not found')
+t.create('code coverage API v1: job not found')
  .get(
-    '/api.json?jobUrl=https://jenkins.library.illinois.edu/job/does-not-exist'
+    '/apiv1.json?jobUrl=https://jenkins.library.illinois.edu/job/does-not-exist'
  )
  .expectBadge({ label: 'coverage', message: 'job or coverage not found' })

-t.create('code coverage API: job found')
+const coverageApiV1Response = {
+  _class: 'io.jenkins.plugins.coverage.targets.CoverageResult',
+  results: {
+    elements: [
+      { name: 'Report', ratio: 100.0 },
+      { name: 'Group', ratio: 100.0 },
+      { name: 'Package', ratio: 66.666664 },
+      { name: 'File', ratio: 52.0 },
+      { name: 'Class', ratio: 52.0 },
+      { name: 'Line', ratio: 40.66363 },
+      { name: 'Conditional', ratio: 29.91968 },
+    ],
+  },
+}
+
+t.create('code coverage API v1: job found')
  .get(
-    '/api.json?jobUrl=http://loneraver.duckdns.org:8082/job/github/job/VisVid/job/master/'
+    '/apiv1.json?jobUrl=http://loneraver.duckdns.org:8082/job/github/job/VisVid/job/master'
+  )
+  .intercept(nock =>
+    nock(
+      'http://loneraver.duckdns.org:8082/job/github/job/VisVid/job/master/lastCompletedBuild'
+    )
+      .get('/coverage/result/api/json')
+      .query(true)
+      .reply(200, coverageApiV1Response)
+  )
+  .expectBadge({ label: 'coverage', message: isIntegerPercentage })
+
+t.create('code coverage API v4+: job not found')
+  .get(
+    '/apiv4.json?jobUrl=https://jenkins.library.illinois.edu/job/does-not-exist'
+  )
+  .expectBadge({ label: 'coverage', message: 'job or coverage not found' })
+
+t.create('code coverage API v4+: job found')
+  .get(
+    '/apiv4.json?jobUrl=https://jenkins.mm12.xyz/jenkins/job/nmfu/job/master'
  )
  .expectBadge({ label: 'coverage', message: isIntegerPercentage })
--- a/services/mastodon/mastodon-follow.service.js
+++ b/services/mastodon/mastodon-follow.service.js
@@ -14,7 +14,7 @@ const queryParamSchema = Joi.object({

 const documentation = `
 <p>To find your user id, you can use <a link target="_blank" href="https://prouser123.me/misc/mastodon-userid-lookup.html">this tool</a>.</p><br>
-<p>Alternatively you can make a request to <code><br>https://your.mastodon.server/.well-known/webfinger?resource=acct:{user}@{domain}</br></code></p>
+<p>Alternatively you can make a request to <code>https://your.mastodon.server/.well-known/webfinger?resource=acct:{user}@{domain}</code></p>
 <p>Failing that, you can also visit your profile page, where your user ID will be in the header in a tag like this: <code>&lt;link href='https://your.mastodon.server/api/salmon/{your-user-id}' rel='salmon'></code></p>
 `

--- a/services/matrix/matrix.service.js
+++ b/services/matrix/matrix.service.js
@@ -29,9 +29,9 @@ const matrixStateSchema = Joi.array()
 const documentation = `
  <p>
    In order for this badge to work, the host of your room must allow guest accounts or dummy accounts to register, and the room must be world readable (chat history visible to anyone).
-    </br>
+    <br>
    The following steps will show you how to setup the badge URL using the Element Matrix client.
-    </br>
+    <br>
    <ul>
      <li>Select the desired room inside the Element client</li>
      <li>Click on the room settings button (gear icon) located near the top right of the client</li>
@@ -41,11 +41,11 @@ const documentation = `
      <li>Remove the starting hash character (<code>#</code>)</li>
      <li>The final badge URL should look something like this <code>/matrix/twim:matrix.org.svg</code></li>
    </ul>
-    </br>
+    <br>
    Some Matrix homeservers don't hold a server name matching where they live (e.g. if the homeserver <code>example.com</code> that created the room alias <code>#mysuperroom:example.com</code> lives at <code>matrix.example.com</code>).
-    </br>
+    <br>
    If that is the case of the homeserver that created the room alias used for generating the badge, you will need to add the server's FQDN (fully qualified domain name) as a query parameter.
-    </br>
+    <br>
    The final badge URL should then look something like this <code>/matrix/mysuperroom:example.com.svg?server_fqdn=matrix.example.com</code>.
  </p>
  `
--- a/services/mozilla-observatory/mozilla-observatory.service.js
+++ b/services/mozilla-observatory/mozilla-observatory.service.js
@@ -31,11 +31,11 @@ const documentation = `
  is a set of tools to analyze your website
  and inform you if you are utilizing the many available methods to secure it.
 </p>
-</p>
+<p>
  By default the scan result is hidden from the public result list.
  You can activate the publication of the scan result
  by setting the <code>publish</code> parameter.
-<p>
+</p>
 <p>
  The badge returns a cached site result if the site has been scanned anytime in the previous 24 hours.
  If you need to force invalidating the cache,
--- a/services/netlify/netlify.service.js
+++ b/services/netlify/netlify.service.js
@@ -52,9 +52,9 @@ export default class Netlify extends BaseSvgScrapingService {
    const { buffer } = await this._request({
      url,
    })
-    if (buffer.includes('#0D544F')) return { message: 'passing' }
-    if (buffer.includes('#900B31')) return { message: 'failing' }
-    if (buffer.includes('#AB6F10')) return { message: 'building' }
+    if (buffer.includes('#0F4A21')) return { message: 'passing' }
+    if (buffer.includes('#800A20')) return { message: 'failing' }
+    if (buffer.includes('#603408')) return { message: 'building' }
    return { message: 'unknown' }
  }

--- a/services/nexus/nexus.service.js
+++ b/services/nexus/nexus.service.js
@@ -81,8 +81,7 @@ export default class Nexus extends BaseJsonService {
      staticPreview: this.render({
        version: '3.9',
      }),
-      documentation: `
-    <p>
+      documentation: `<p>
      Specifying 'nexusVersion=3' when targeting Nexus 3 servers will speed up the badge rendering.
      Note that you can use this query parameter with any Nexus badge type (Releases, Snapshots, or Repository).
    </p>
@@ -132,8 +131,7 @@ export default class Nexus extends BaseJsonService {
      staticPreview: this.render({
        version: '7.0.1-SNAPSHOT',
      }),
-      documentation: `
-    <p>
+      documentation: `<p>
      Note that you can use query options with any Nexus badge type (Releases, Snapshots, or Repository).
    </p>
    <p>
@@ -144,7 +142,7 @@ export default class Nexus extends BaseJsonService {
      <ul>
        <li><a href="https://nexus.pentaho.org/swagger-ui/#/search/search">All Nexus 3 badges</a></li>
        <li><a href="https://repository.sonatype.org/nexus-restlet1x-plugin/default/docs/path__artifact_maven_resolve.html">Nexus 2 Releases and Snapshots badges</a></li>
-        <li><a href=https://repository.sonatype.org/nexus-indexer-lucene-plugin/default/docs/path__lucene_search.html">Nexus 2 Repository badges</a></li>
+        <li><a href="https://repository.sonatype.org/nexus-indexer-lucene-plugin/default/docs/path__lucene_search.html">Nexus 2 Repository badges</a></li>
      </ul>
    </p>
    `,
--- a/services/node/node-base.js
+++ b/services/node/node-base.js
@@ -27,8 +27,8 @@ export default class NodeVersionBase extends NPMBase {
      },
      {
        title: `${prefix} (scoped)`,
-        pattern: '@:scope/:packageName',
-        namedParams: { scope: 'stdlib', packageName: 'stdlib' },
+        pattern: ':scope/:packageName',
+        namedParams: { scope: '@stdlib', packageName: 'stdlib' },
        staticPreview: this.renderStaticPreview({
          nodeVersionRange: '>= 6.0.0',
        }),
@@ -48,8 +48,8 @@ export default class NodeVersionBase extends NPMBase {
      },
      {
        title: `${prefix} (scoped with tag)`,
-        pattern: '@:scope/:packageName/:tag',
-        namedParams: { scope: 'stdlib', packageName: 'stdlib', tag: 'latest' },
+        pattern: ':scope/:packageName/:tag',
+        namedParams: { scope: '@stdlib', packageName: 'stdlib', tag: 'latest' },
        staticPreview: this.renderStaticPreview({
          nodeVersionRange: '>= 6.0.0',
          tag: 'latest',
@@ -59,8 +59,8 @@ export default class NodeVersionBase extends NPMBase {
      },
      {
        title: `${prefix} (scoped with tag, custom registry)`,
-        pattern: '@:scope/:packageName/:tag',
-        namedParams: { scope: 'stdlib', packageName: 'stdlib', tag: 'latest' },
+        pattern: ':scope/:packageName/:tag',
+        namedParams: { scope: '@stdlib', packageName: 'stdlib', tag: 'latest' },
        queryParams: { registry_uri: 'https://registry.npmjs.com' },
        staticPreview: this.renderStaticPreview({
          nodeVersionRange: '>= 6.0.0',
--- a/services/npms-io/npms-io-score.service.js
+++ b/services/npms-io/npms-io-score.service.js
@@ -23,32 +23,36 @@ export default class NpmsIOScore extends BaseJsonService {
  static route = {
    base: 'npms-io',
    pattern:
-      ':type(final|maintenance|popularity|quality)-score/:scope(@.+)?/:packageName',
+      ':type(final-score|maintenance-score|popularity-score|quality-score)/:scope(@.+)?/:packageName',
  }

  static examples = [
    {
      title: 'npms.io (final)',
-      namedParams: { type: 'final', packageName: 'egg' },
+      namedParams: { type: 'final-score', packageName: 'egg' },
      staticPreview: this.render({ score: 0.9711 }),
      keywords,
    },
    {
      title: 'npms.io (popularity)',
      pattern: ':type/:scope/:packageName',
-      namedParams: { type: 'popularity', scope: '@vue', packageName: 'cli' },
+      namedParams: {
+        type: 'popularity-score',
+        scope: '@vue',
+        packageName: 'cli',
+      },
      staticPreview: this.render({ type: 'popularity', score: 0.89 }),
      keywords,
    },
    {
      title: 'npms.io (quality)',
-      namedParams: { type: 'quality', packageName: 'egg' },
+      namedParams: { type: 'quality-score', packageName: 'egg' },
      staticPreview: this.render({ type: 'quality', score: 0.98 }),
      keywords,
    },
    {
      title: 'npms.io (maintenance)',
-      namedParams: { type: 'maintenance', packageName: 'command' },
+      namedParams: { type: 'maintenance-score', packageName: 'command' },
      staticPreview: this.render({ type: 'maintenance', score: 0.222 }),
      keywords,
    },
@@ -76,8 +80,10 @@ export default class NpmsIOScore extends BaseJsonService {
      errorMessages: { 404: 'package not found or too new' },
    })

-    const score = type === 'final' ? json.score.final : json.score.detail[type]
+    const scoreType = type.slice(0, -6)
+    const score =
+      scoreType === 'final' ? json.score.final : json.score.detail[scoreType]

-    return this.constructor.render({ type, score })
+    return this.constructor.render({ type: scoreType, score })
  }
 }
--- a/services/ore/ore-base.js
+++ b/services/ore/ore-base.js
@@ -34,7 +34,7 @@ const resourceSchema = Joi.object({

 const documentation = `
 <p>Your Plugin ID is the name of your plugin in lowercase, without any spaces or dashes.</p>
-<p>Example: <code>https://ore.spongepowered.org/Erigitic/Total-Economy</code> - Here the Plugin ID is <code>totaleconomy<code/>.`
+<p>Example: <code>https://ore.spongepowered.org/Erigitic/Total-Economy</code> - Here the Plugin ID is <code>totaleconomy</code>.</p>`

 const keywords = ['sponge', 'spongemc', 'spongepowered']

--- a/services/packagist/packagist-base.js
+++ b/services/packagist/packagist-base.js
@@ -164,14 +164,12 @@ class BasePackagistService extends BaseJsonService {
    return versions.filter(version => version.version === release)[0]
  }
 }
-const customServerDocumentationFragment = `
-    <p>
+const customServerDocumentationFragment = `<p>
        Note that only network-accessible packagist.org and other self-hosted Packagist instances are supported.
    </p>
    `

-const cacheDocumentationFragment = `
-  <p>
+const cacheDocumentationFragment = `<p>
      Displayed data may be slightly outdated.
      Due to performance reasons, data fetched from packagist JSON API is cached for twelve hours on packagist infrastructure.
      For more information please refer to <a target="_blank" href="https://packagist.org/apidoc#get-package-data">official packagist documentation</a>.
--- a/services/polymart/polymart-base.js
+++ b/services/polymart/polymart-base.js
@@ -0,0 +1,51 @@
+import Joi from 'joi'
+import { BaseJsonService } from '../index.js'
+
+const resourceSchema = Joi.object({
+  response: Joi.object({
+    resource: Joi.object({
+      price: Joi.number().required(),
+      downloads: Joi.string().required(),
+      reviews: Joi.object({
+        count: Joi.number().required(),
+        stars: Joi.number().required(),
+      }).required(),
+      updates: Joi.object({
+        latest: Joi.object({
+          version: Joi.string().required(),
+        }).required(),
+      }).required(),
+    }).required(),
+  }).required(),
+}).required()
+
+const notFoundResourceSchema = Joi.object({
+  response: Joi.object({
+    success: Joi.boolean().required(),
+    errors: Joi.object().required(),
+  }).required(),
+})
+
+const resourceFoundOrNotSchema = Joi.alternatives(
+  resourceSchema,
+  notFoundResourceSchema
+)
+
+const documentation = `
+<p>You can find your resource ID in the url for your resource page.</p>
+<p>Example: <code>https://polymart.org/resource/polymart-plugin.323</code> - Here the Resource ID is 323.</p>`
+
+class BasePolymartService extends BaseJsonService {
+  async fetch({
+    resourceId,
+    schema = resourceFoundOrNotSchema,
+    url = `https://api.polymart.org/v1/getResourceInfo/?resource_id=${resourceId}`,
+  }) {
+    return this._requestJson({
+      schema,
+      url,
+    })
+  }
+}
+
+export { documentation, BasePolymartService }
--- a/services/polymart/polymart-downloads.service.js
+++ b/services/polymart/polymart-downloads.service.js
@@ -0,0 +1,35 @@
+import { NotFound } from '../../core/base-service/errors.js'
+import { renderDownloadsBadge } from '../downloads.js'
+import { BasePolymartService, documentation } from './polymart-base.js'
+
+export default class PolymartDownloads extends BasePolymartService {
+  static category = 'downloads'
+
+  static route = {
+    base: 'polymart/downloads',
+    pattern: ':resourceId',
+  }
+
+  static examples = [
+    {
+      title: 'Polymart Downloads',
+      namedParams: {
+        resourceId: '323',
+      },
+      staticPreview: renderDownloadsBadge({ downloads: 655 }),
+      documentation,
+    },
+  ]
+
+  static defaultBadgeData = {
+    label: 'downloads',
+  }
+
+  async handle({ resourceId }) {
+    const { response } = await this.fetch({ resourceId })
+    if (!response.resource) {
+      throw new NotFound()
+    }
+    return renderDownloadsBadge({ downloads: response.resource.downloads })
+  }
+}
--- a/services/polymart/polymart-downloads.tester.js
+++ b/services/polymart/polymart-downloads.tester.js
@@ -0,0 +1,13 @@
+import { isMetric } from '../test-validators.js'
+import { createServiceTester } from '../tester.js'
+export const t = await createServiceTester()
+
+t.create('Polymart Plugin (id 323)').get('/323.json').expectBadge({
+  label: 'downloads',
+  message: isMetric,
+})
+
+t.create('Invalid Resource (id 0)').get('/0.json').expectBadge({
+  label: 'downloads',
+  message: 'not found',
+})
--- a/services/polymart/polymart-latest-version.service.js
+++ b/services/polymart/polymart-latest-version.service.js
@@ -0,0 +1,38 @@
+import { NotFound } from '../../core/base-service/errors.js'
+import { renderVersionBadge } from '../version.js'
+import { BasePolymartService, documentation } from './polymart-base.js'
+export default class PolymartLatestVersion extends BasePolymartService {
+  static category = 'version'
+
+  static route = {
+    base: 'polymart/version',
+    pattern: ':resourceId',
+  }
+
+  static examples = [
+    {
+      title: 'Polymart Version',
+      namedParams: {
+        resourceId: '323',
+      },
+      staticPreview: renderVersionBadge({
+        version: 'v1.2.9',
+      }),
+      documentation,
+    },
+  ]
+
+  static defaultBadgeData = {
+    label: 'polymart',
+  }
+
+  async handle({ resourceId }) {
+    const { response } = await this.fetch({ resourceId })
+    if (!response.resource) {
+      throw new NotFound()
+    }
+    return renderVersionBadge({
+      version: response.resource.updates.latest.version,
+    })
+  }
+}
--- a/services/polymart/polymart-latest-version.tester.js
+++ b/services/polymart/polymart-latest-version.tester.js
@@ -0,0 +1,13 @@
+import { isVPlusDottedVersionNClauses } from '../test-validators.js'
+import { createServiceTester } from '../tester.js'
+export const t = await createServiceTester()
+
+t.create('Polymart Plugin (id 323)').get('/323.json').expectBadge({
+  label: 'polymart',
+  message: isVPlusDottedVersionNClauses,
+})
+
+t.create('Invalid Resource (id 0)').get('/0.json').expectBadge({
+  label: 'polymart',
+  message: 'not found',
+})
--- a/services/polymart/polymart-rating.service.js
+++ b/services/polymart/polymart-rating.service.js
@@ -0,0 +1,65 @@
+import { starRating, metric } from '../text-formatters.js'
+import { floorCount } from '../color-formatters.js'
+import { NotFound } from '../../core/base-service/errors.js'
+import { BasePolymartService, documentation } from './polymart-base.js'
+
+export default class PolymartRatings extends BasePolymartService {
+  static category = 'rating'
+
+  static route = {
+    base: 'polymart',
+    pattern: ':format(rating|stars)/:resourceId',
+  }
+
+  static examples = [
+    {
+      title: 'Polymart Stars',
+      pattern: 'stars/:resourceId',
+      namedParams: {
+        resourceId: '323',
+      },
+      staticPreview: this.render({
+        format: 'stars',
+        total: 14,
+        average: 5,
+      }),
+      documentation,
+    },
+    {
+      title: 'Polymart Rating',
+      pattern: 'rating/:resourceId',
+      namedParams: {
+        resourceId: '323',
+      },
+      staticPreview: this.render({ total: 14, average: 5 }),
+      documentation,
+    },
+  ]
+
+  static defaultBadgeData = {
+    label: 'rating',
+  }
+
+  static render({ format, total, average }) {
+    const message =
+      format === 'stars'
+        ? starRating(average)
+        : `${average}/5 (${metric(total)})`
+    return {
+      message,
+      color: floorCount(average, 2, 3, 4),
+    }
+  }
+
+  async handle({ format, resourceId }) {
+    const { response } = await this.fetch({ resourceId })
+    if (!response.resource) {
+      throw new NotFound()
+    }
+    return this.constructor.render({
+      format,
+      total: response.resource.reviews.count,
+      average: response.resource.reviews.stars.toFixed(2),
+    })
+  }
+}
--- a/services/polymart/polymart-rating.tester.js
+++ b/services/polymart/polymart-rating.tester.js
@@ -0,0 +1,27 @@
+import { isStarRating, withRegex } from '../test-validators.js'
+import { createServiceTester } from '../tester.js'
+export const t = await createServiceTester()
+
+t.create('Stars - Polymart Plugin (id 323)')
+  .get('/stars/323.json')
+  .expectBadge({
+    label: 'rating',
+    message: isStarRating,
+  })
+
+t.create('Stars - Invalid Resource (id 0)').get('/stars/0.json').expectBadge({
+  label: 'rating',
+  message: 'not found',
+})
+
+t.create('Rating - Polymart Plugin (id 323)')
+  .get('/rating/323.json')
+  .expectBadge({
+    label: 'rating',
+    message: withRegex(/^(\d*\.\d+)(\/5 \()(\d+)(\))$/),
+  })
+
+t.create('Rating - Invalid Resource (id 0)').get('/rating/0.json').expectBadge({
+  label: 'rating',
+  message: 'not found',
+})
--- a/services/pypi/pypi-base.js
+++ b/services/pypi/pypi-base.js
@@ -22,7 +22,7 @@ export default class PypiBase extends BaseJsonService {
  static buildRoute(base) {
    return {
      base,
-      pattern: ':egg*',
+      pattern: ':egg+',
    }
  }

--- a/services/pypi/pypi-framework-versions.service.js
+++ b/services/pypi/pypi-framework-versions.service.js
@@ -50,7 +50,7 @@ export default class PypiFrameworkVersion extends PypiBase {
    base: 'pypi/frameworkversions',
    pattern: `:frameworkName(${Object.keys(frameworkNameMap).join(
      '|'
-    )})/:packageName*`,
+    )})/:packageName+`,
  }

  static examples = [
--- a/services/security-headers/security-headers.service.js
+++ b/services/security-headers/security-headers.service.js
@@ -13,9 +13,9 @@ const documentation = `
  provide an easy mechanism to analyze HTTP response headers and
  give information on how to deploy missing headers.
 </p>
-</p>
-  The scan result will be hidden from the public result list and follow redirects will be on too.
 <p>
+  The scan result will be hidden from the public result list and follow redirects will be on too.
+</p>
 `

 export default class SecurityHeaders extends BaseService {
--- a/services/snyk/snyk-vulnerability-github.service.js
+++ b/services/snyk/snyk-vulnerability-github.service.js
@@ -25,8 +25,7 @@ export default class SnykVulnerabilityGitHub extends SynkVulnerabilityBase {
        manifestFilePath: 'badge-maker/package.json',
      },
      staticPreview: this.render({ vulnerabilities: '0' }),
-      documentation: `
-        <p>
+      documentation: `<p>
          Provide the path to your target manifest file relative to the base of your repository.
          Snyk does not support using a specific branch for this, so do not include "blob" nor a branch name.
        </p>
--- a/services/sonar/sonar-fortify-rating.service.js
+++ b/services/sonar/sonar-fortify-rating.service.js
@@ -31,8 +31,7 @@ export default class SonarFortifyRating extends SonarBase {
      },
      staticPreview: this.render({ rating: 4 }),
      keywords,
-      documentation: `
-      <p>
+      documentation: `<p>
        Note that the Fortify Security Rating badge will only work on Sonar instances that have the <a href='https://marketplace.microfocus.com/fortify/content/fortify-sonarqube-plugin'>Fortify SonarQube Plugin</a> installed.
        The badge is not available for projects analyzed on SonarCloud.io
      </p>
--- a/services/sonar/sonar-helpers.js
+++ b/services/sonar/sonar-helpers.js
@@ -47,15 +47,14 @@ const queryParamWithFormatSchema = Joi.object({
 }).required()

 const keywords = ['sonarcloud', 'sonarqube']
-const documentation = `
-  <p>
+const documentation = `<p>
    The Sonar badges will work with both SonarCloud.io and self-hosted SonarQube instances.
    Just enter the correct protocol and path for your target Sonar deployment.
  </p>
  <p>
    If you are targeting a legacy SonarQube instance that is version 5.3 or earlier, then be sure
    to include the version query parameter with the value of your SonarQube version.
-  </p
+  </p>
 `

 export {
--- a/services/sonar/sonar-tests.service.js
+++ b/services/sonar/sonar-tests.service.js
@@ -43,8 +43,7 @@ class SonarTestsSummary extends SonarBase {
        isCompact: false,
      }),
      keywords,
-      documentation: `
-        ${documentation}
+      documentation: `${documentation}
        ${testResultsDocumentation}
      `,
    },
--- a/services/static-badge/static-badge.service.js
+++ b/services/static-badge/static-badge.service.js
@@ -1,15 +1,73 @@
 import { escapeFormat } from '../../core/badge-urls/path-helpers.js'
 import { BaseStaticService } from '../index.js'

+const description = `<p>
+  The static badge accepts a single required path parameter which encodes either:
+</p>
+<ul>
+  <li>
+    Label, message and color seperated by a dash <code>-</code>. For example:<br />
+    <img alt="any text: you like" src="https://img.shields.io/badge/any_text-you_like-blue" /> -
+    <a href="https://img.shields.io/badge/any_text-you_like-blue">https://img.shields.io/badge/any_text-you_like-blue</a>
+  </li>
+  <li>
+    Message and color only, seperated by a dash <code>-</code>. For example:<br />
+    <img alt="just the message" src="https://img.shields.io/badge/just%20the%20message-8A2BE2" /> -
+    <a href="https://img.shields.io/badge/just%20the%20message-8A2BE2">https://img.shields.io/badge/just%20the%20message-8A2BE2</a>
+  </li>
+</ul>
+<table>
+  <tbody>
+    <tr>
+      <th>URL input</th>
+      <th>Badge output</th>
+    </tr>
+    <tr>
+      <td>Underscore <code>_</code> or <code>%20</code></td>
+      <td>Space <code>&nbsp;</code></td>
+    </tr>
+    <tr>
+      <td>Double underscore <code>__</code></td>
+      <td>Underscore <code>_</code></td>
+    </tr>
+    <tr>
+      <td>Double dash <code>--</code></td>
+      <td>Dash <code>-</code></td>
+    </tr>
+  </tbody>
+</table>
+<p>
+  Hex, rgb, rgba, hsl, hsla and css named colors may be used.
+</p>`
+
 export default class StaticBadge extends BaseStaticService {
  static category = 'static'
-
  static route = {
    base: '',
    format: '(?::|badge/)((?:[^-]|--)*?)-?((?:[^-]|--)*)-((?:[^-.]|--)+)',
    capture: ['label', 'message', 'color'],
  }

+  static openApi = {
+    '/badge/{badgeContent}': {
+      get: {
+        summary: 'Static Badge',
+        description,
+        parameters: [
+          {
+            name: 'badgeContent',
+            description:
+              'Label, (optional) message, and color. Seperated by dashes',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'build-passing-brightgreen',
+          },
+        ],
+      },
+    },
+  }
+
  handle({ label, message, color }) {
    return { label: escapeFormat(label), message: escapeFormat(message), color }
  }
--- a/services/steam/steam-workshop.service.js
+++ b/services/steam/steam-workshop.service.js
@@ -18,7 +18,7 @@ const documentation = `
 </p>
 <img
  src="https://user-images.githubusercontent.com/7288322/46567027-27c83400-c987-11e8-9850-ab67d987202f.png"
-  alt="Right-Click and 'Copy Page URL'">
+  alt="Right-Click and 'Copy Page URL'" />
 `

 const steamCollectionSchema = Joi.object({
--- a/services/twitter/twitter.service.js
+++ b/services/twitter/twitter.service.js
@@ -1,7 +1,6 @@
 import Joi from 'joi'
-import { metric } from '../text-formatters.js'
 import { optionalUrl } from '../validators.js'
-import { BaseService, BaseJsonService, NotFound } from '../index.js'
+import { BaseService, BaseJsonService } from '../index.js'

 const queryParamSchema = Joi.object({
  url: optionalUrl.required(),
@@ -33,6 +32,8 @@ class TwitterUrl extends BaseService {
    },
  ]

+  static _cacheLength = 86400
+
  static defaultBadgeData = {
    namedLogo: 'twitter',
  }
@@ -51,8 +52,19 @@ class TwitterUrl extends BaseService {
  }
 }

-const schema = Joi.any()
+/*
+This badge is unusual.

+We don't usually host badges that don't show any dynamic information.
+Also when an upstream API is removed, we usually deprecate/remove badges
+according to the process in
+https://github.com/badges/shields/blob/master/doc/deprecating-badges.md
+
+In the case of twitter, we decided to provide a static fallback instead
+due to how widely used the badge was. See
+https://github.com/badges/shields/issues/8837
+for related discussion.
+*/
 class TwitterFollow extends BaseJsonService {
  static category = 'social'

@@ -65,51 +77,40 @@ class TwitterFollow extends BaseJsonService {
    {
      title: 'Twitter Follow',
      namedParams: {
-        user: 'espadrine',
+        user: 'shields_io',
      },
      queryParams: { label: 'Follow' },
      // hard code the static preview
      // because link[] is not allowed in examples
      staticPreview: {
-        label: 'Follow',
-        message: '393',
+        label: 'Follow @shields_io',
+        message: '',
        style: 'social',
      },
    },
  ]

+  static _cacheLength = 86400
+
  static defaultBadgeData = {
    namedLogo: 'twitter',
  }

-  static render({ user, followers }) {
+  static render({ user }) {
    return {
      label: `follow @${user}`,
-      message: metric(followers),
+      message: '',
      style: 'social',
      link: [
        `https://twitter.com/intent/follow?screen_name=${encodeURIComponent(
          user
        )}`,
-        `https://twitter.com/${encodeURIComponent(user)}/followers`,
      ],
    }
  }

-  async fetch({ user }) {
-    return this._requestJson({
-      schema,
-      url: 'http://cdn.syndication.twimg.com/widgets/followbutton/info.json',
-      options: { searchParams: { screen_names: user } },
-    })
-  }
-
  async handle({ user }) {
-    const data = await this.fetch({ user })
-    if (!Array.isArray(data) || data.length === 0) {
-      throw new NotFound({ prettyMessage: 'invalid user' })
-    }
-    return this.constructor.render({ user, followers: data[0].followers_count })
+    return this.constructor.render({ user })
  }
 }

--- a/services/twitter/twitter.tester.js
+++ b/services/twitter/twitter.tester.js
@@ -1,4 +1,3 @@
-import { isMetric } from '../test-validators.js'
 import { ServiceTester } from '../tester.js'

 export const t = new ServiceTester({
@@ -10,25 +9,8 @@ t.create('Followers')
  .get('/follow/shields_io.json')
  .expectBadge({
    label: 'follow @shields_io',
-    message: isMetric,
-    link: [
-      'https://twitter.com/intent/follow?screen_name=shields_io',
-      'https://twitter.com/shields_io/followers',
-    ],
-  })
-
-t.create('Invalid Username Specified (non-existent user)')
-  .get('/follow/invalidusernamethatshouldnotexist.json?label=Follow')
-  .expectBadge({
-    label: 'Follow',
-    message: 'invalid user',
-  })
-
-t.create('Invalid Username Specified (only spaces)')
-  .get('/follow/%20%20.json?label=Follow')
-  .expectBadge({
-    label: 'Follow',
-    message: 'invalid user',
+    message: '',
+    link: ['https://twitter.com/intent/follow?screen_name=shields_io'],
  })

 t.create('URL')
--- a/services/vcpkg/vcpkg-version-helpers.js
+++ b/services/vcpkg/vcpkg-version-helpers.js
@@ -0,0 +1,17 @@
+import { InvalidResponse } from '../index.js'
+
+export function parseVersionFromVcpkgManifest(manifest) {
+  if (manifest['version-date']) {
+    return manifest['version-date']
+  }
+  if (manifest['version-semver']) {
+    return manifest['version-semver']
+  }
+  if (manifest['version-string']) {
+    return manifest['version-string']
+  }
+  if (manifest.version) {
+    return manifest.version
+  }
+  throw new InvalidResponse({ prettyMessage: 'missing version' })
+}
--- a/services/vcpkg/vcpkg-version-helpers.spec.js
+++ b/services/vcpkg/vcpkg-version-helpers.spec.js
@@ -0,0 +1,41 @@
+import { expect } from 'chai'
+import { InvalidResponse } from '../index.js'
+import { parseVersionFromVcpkgManifest } from './vcpkg-version-helpers.js'
+
+describe('parseVersionFromVcpkgManifest', function () {
+  it('returns a version when `version` field is detected', function () {
+    expect(
+      parseVersionFromVcpkgManifest({
+        version: '2.12.1',
+      })
+    ).to.equal('2.12.1')
+  })
+
+  it('returns a version when `version-date` field is detected', function () {
+    expect(
+      parseVersionFromVcpkgManifest({
+        'version-date': '2022-12-04',
+      })
+    ).to.equal('2022-12-04')
+  })
+
+  it('returns a version when `version-semver` field is detected', function () {
+    expect(
+      parseVersionFromVcpkgManifest({
+        'version-semver': '3.11.2',
+      })
+    ).to.equal('3.11.2')
+  })
+
+  it('returns a version when `version-date` field is detected', function () {
+    expect(
+      parseVersionFromVcpkgManifest({
+        'version-string': '22.01',
+      })
+    ).to.equal('22.01')
+  })
+
+  it('rejects when no version field variant is detected', function () {
+    expect(() => parseVersionFromVcpkgManifest('{}')).to.throw(InvalidResponse)
+  })
+})
--- a/services/vcpkg/vcpkg-version.service.js
+++ b/services/vcpkg/vcpkg-version.service.js
@@ -0,0 +1,66 @@
+import Joi from 'joi'
+import { ConditionalGithubAuthV3Service } from '../github/github-auth-service.js'
+import { fetchJsonFromRepo } from '../github/github-common-fetch.js'
+import { renderVersionBadge } from '../version.js'
+import { NotFound } from '../index.js'
+import { parseVersionFromVcpkgManifest } from './vcpkg-version-helpers.js'
+
+// Handle the different version fields available in Vcpkg manifests
+// https://learn.microsoft.com/en-us/vcpkg/reference/vcpkg-json?source=recommendations#version
+const vcpkgManifestSchema = Joi.alternatives()
+  .match('one')
+  .try(
+    Joi.object({
+      version: Joi.string().required(),
+    }).required(),
+    Joi.object({
+      'version-date': Joi.string().required(),
+    }).required(),
+    Joi.object({
+      'version-semver': Joi.string().required(),
+    }).required(),
+    Joi.object({
+      'version-string': Joi.string().required(),
+    }).required()
+  )
+
+export default class VcpkgVersion extends ConditionalGithubAuthV3Service {
+  static category = 'version'
+
+  static route = { base: 'vcpkg/v', pattern: ':portName' }
+
+  static examples = [
+    {
+      title: 'Vcpkg',
+      namedParams: { portName: 'entt' },
+      staticPreview: this.render({ version: '3.11.1' }),
+    },
+  ]
+
+  static defaultBadgeData = { label: 'vcpkg' }
+
+  static render({ version }) {
+    return renderVersionBadge({ version })
+  }
+
+  async handle({ portName }) {
+    try {
+      const manifest = await fetchJsonFromRepo(this, {
+        schema: vcpkgManifestSchema,
+        user: 'microsoft',
+        repo: 'vcpkg',
+        branch: 'master',
+        filename: `ports/${portName}/vcpkg.json`,
+      })
+      const version = parseVersionFromVcpkgManifest(manifest)
+      return this.constructor.render({ version })
+    } catch (error) {
+      if (error instanceof NotFound) {
+        throw new NotFound({
+          prettyMessage: 'port not found',
+        })
+      }
+      throw error
+    }
+  }
+}
--- a/services/vcpkg/vcpkg-version.tester.js
+++ b/services/vcpkg/vcpkg-version.tester.js
@@ -0,0 +1,16 @@
+import { isSemver } from '../test-validators.js'
+import { createServiceTester } from '../tester.js'
+
+export const t = await createServiceTester()
+
+t.create('gets nlohmann-json port version')
+  .get('/nlohmann-json.json')
+  .expectBadge({ label: 'vcpkg', color: 'blue', message: isSemver })
+
+t.create('gets not found error for invalid port')
+  .get('/this-port-does-not-exist.json')
+  .expectBadge({
+    label: 'vcpkg',
+    color: 'red',
+    message: 'port not found',
+  })
--- a/services/visual-studio-marketplace/visual-studio-marketplace-base.js
+++ b/services/visual-studio-marketplace/visual-studio-marketplace-base.js
@@ -16,7 +16,7 @@ const extensionQuerySchema = Joi.object({
                    value: Joi.number().required(),
                  })
                )
-                .required(),
+                .default([]),
              versions: Joi.array()
                .items(
                  Joi.object({
--- a/Show More
+++ b/Show More