fix: add some missing spaces in docs

migrate frontend to docusaurus (#9014 )
* delete loads of really important stuff that we definitely need * v basic MVP smoosh docusaurus PoC into repo * TODO * delete more really important stuff * TODO * tidyup: use run-s * don't redirect images used in frontend to raster proxy * fix routing * preserve the /endpoint link * delete the blog (for now) I would quite like to re-add this at some point but its not really the top priority thing right now * content edits * appease the lint gods * update danger rules * remove placeholder * cypress tests * dockerhub --> ghcr * Revert "dockerhub --> ghcr" This reverts commit ef74cbb26b. * downgrade lockfile format * implement defs/BASE_URL * fix e2e build * actually fix cypress tests * always run cypress tests on build * this never worked * add command for docusaurus:clear * delete more code we don't need any more * update ESLint/prettier config * delete unsused exports * documentation updates * delete a fairly large chunk of our dependency tree * allow base_url as build arg to Dockerfile * fixup dockerfile * work out base url at runtime if not set doing this at image build time is not the right approach * remove gatsby monorepo from closebot * rename HomepageFeatures to homepage-features
2023-06-17 14:53:52 -05:00 · 2023-06-17 10:59:07 +01:00 · 2023-06-15 19:20:16 +01:00 · 2023-06-14 20:53:48 +01:00 · 2023-06-13 21:08:43 +01:00 · 2023-06-12 07:49:20 +00:00
512 changed files with 33586 additions and 37448 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,245 +0,0 @@
-version: 2
-
-integration_steps: &integration_steps
-  steps:
-    - checkout
-
-    - run:
-        name: Install dependencies
-        command: |
-          npm ci
-        environment:
-          CYPRESS_INSTALL_BINARY: 0
-
-    - run:
-        name: Integration tests
-        when: always
-        environment:
-          mocha_reporter: mocha-junit-reporter
-          MOCHA_FILE: junit/integration/results.xml
-        command: npm run test:integration
-
-    - store_test_results:
-        path: junit
-
-services_steps: &services_steps
-  steps:
-    - checkout
-
-    - run:
-        name: Install dependencies
-        command: |
-          npm ci
-        environment:
-          CYPRESS_INSTALL_BINARY: 0
-
-    - run:
-        name: Identify services tagged in the PR title
-        command: npm run test:services:pr:prepare
-
-    - run:
-        name: Run tests for tagged services
-        environment:
-          mocha_reporter: mocha-junit-reporter
-          MOCHA_FILE: junit/services/results.xml
-        command: RETRY_COUNT=3 npm run test:services:pr:run
-
-    - store_test_results:
-        path: junit
-
-jobs:
-  integration:
-    docker:
-      - image: cimg/node:16.15
-      - image: redis
-
-    <<: *integration_steps
-
-  integration@node-17:
-    docker:
-      - image: cimg/node:17.9
-      - image: redis
-    environment:
-      NPM_CONFIG_ENGINE_STRICT: 'false'
-
-    <<: *integration_steps
-
-  danger:
-    docker:
-      - image: cimg/node:16.15
-    steps:
-      - checkout
-
-      - run:
-          name: Install dependencies
-          command: npm ci
-          environment:
-            CYPRESS_INSTALL_BINARY: 0
-
-      - run:
-          name: Danger
-          when: always
-          environment:
-            # https://github.com/gatsbyjs/gatsby/pull/11555
-            NODE_ENV: test
-          command: npm run danger ci
-
-  frontend:
-    docker:
-      - image: cimg/node:16.15
-
-    steps:
-      - checkout
-
-      - run:
-          name: Install dependencies
-          command: |
-            npm ci
-          environment:
-            CYPRESS_INSTALL_BINARY: 0
-
-      - run:
-          name: Prepare frontend tests
-          command: npm run defs && npm run features
-
-      - run:
-          name: Check types
-          command: npm run check-types:frontend
-
-      - run:
-          name: Frontend unit tests
-          environment:
-            mocha_reporter: mocha-junit-reporter
-            MOCHA_FILE: junit/frontend/results.xml
-          when: always
-          command: npm run test:frontend
-
-      - store_test_results:
-          path: junit
-
-      - run:
-          name: Frontend build completes successfully
-          when: always
-          command: npm run build
-
-  services:
-    docker:
-      - image: cimg/node:16.15
-
-    <<: *services_steps
-
-  services@node-17:
-    docker:
-      - image: cimg/node:17.9
-    environment:
-      NPM_CONFIG_ENGINE_STRICT: 'false'
-
-    <<: *services_steps
-
-  e2e:
-    docker:
-      - image: cypress/base:16.14.0
-
-    steps:
-      - checkout
-
-      - restore_cache:
-          name: Restore Cypress binary
-          keys:
-            - v2-cypress-dependencies-{{ checksum "package-lock.json" }}
-
-      - run:
-          name: Install dependencies
-          command: |
-            npm ci
-
-      - run:
-          name: Frontend build
-          command: GATSBY_BASE_URL=http://localhost:8080 npm run build
-
-      - run:
-          name: Run tests
-          environment:
-            CYPRESS_REPORTER: junit
-            MOCHA_FILE: junit/e2e/results.xml
-          command: npm run e2e-on-build
-
-      - store_test_results:
-          path: junit
-
-      - store_artifacts:
-          path: cypress/videos
-
-      - store_artifacts:
-          path: cypress/screenshots
-
-      - save_cache:
-          name: Cache Cypress binary
-          paths:
-            # https://docs.cypress.io/guides/getting-started/installing-cypress.html#Binary-cache
-            - ~/.cache/Cypress
-          key: v2-cypress-dependencies-{{ checksum "package-lock.json" }}
-
-workflows:
-  version: 2
-
-  on-commit:
-    jobs:
-      - integration@node-17:
-          filters:
-            branches:
-              ignore: gh-pages
-      - frontend:
-          filters:
-            branches:
-              ignore: gh-pages
-      - services:
-          filters:
-            branches:
-              ignore:
-                - master
-                - gh-pages
-      - services@node-17:
-          filters:
-            branches:
-              ignore:
-                - master
-                - gh-pages
-      - danger:
-          filters:
-            branches:
-              ignore:
-                - master
-                - gh-pages
-                - /dependabot\/.*/
-      - e2e:
-          filters:
-            branches:
-              ignore: gh-pages
-  # on-commit-with-cache:
-  #   jobs:
-  #     - npm-install:
-  #         filters:
-  #           branches:
-  #             ignore: gh-pages
-  #     - frontend:
-  #         requires:
-  #           - npm-install
-  #     - services:
-  #         requires:
-  #           - npm-install
-  #         filters:
-  #           branches:
-  #             ignore: master
-  #     - services@node-latest:
-  #         requires:
-  #           - npm-install
-  #         filters:
-  #           branches:
-  #             ignore: master
-  #     - danger:
-  #         requires:
-  #           - npm-install
-  #         filters:
-  #           branches:
-  #             ignore: /dependabot\/.*/
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,6 +3,7 @@ shields.env
 .git/
 .gitignore
 .vscode/
+fly.toml

 # Improve layer cacheability.
 Dockerfile
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -2,7 +2,6 @@ extends:
  - standard
  - standard-jsx
  - standard-react
-  - plugin:@typescript-eslint/recommended
  - prettier
  - eslint:recommended

@@ -18,12 +17,13 @@ settings:
  react:
    version: '16.8'
  jsdoc:
-    mode: jsdoc
+    mode: typescript

 plugins:
  - chai-friendly
  - jsdoc
  - mocha
+  - icedfrisby
  - no-extension-in-require
  - sort-class-members
  - import
@@ -36,39 +36,33 @@ overrides:
  # rules listed here are only ones which conflict.

  - files:
-      - '**/*.js'
-      - '!frontend/**/*.js'
+      - 'badge-maker/**/*.js'
+      - '**/*.cjs'
    env:
      node: true
      es6: true
+
+  - files:
+      - '**/*.js'
+      - '!frontend/**/*.js'
+      - '!badge-maker/**/*.js'
+    env:
+      node: true
+      es6: true
+    parserOptions:
+      sourceType: 'module'
+    parser: '@typescript-eslint/parser'
    rules:
      no-console: 'off'
-      '@typescript-eslint/explicit-module-boundary-types': 'off'

  - files:
-      - '**/*.@(ts|tsx)'
+      - '**/*.ts'
    parserOptions:
      sourceType: 'module'
    parser: '@typescript-eslint/parser'
-    rules:
-      # Argh.
-      '@typescript-eslint/explicit-function-return-type':
-        ['error', { 'allowExpressions': true }]
-      '@typescript-eslint/no-empty-function': 'error'
-      '@typescript-eslint/no-var-requires': 'error'
-      '@typescript-eslint/no-object-literal-type-assertion': 'off'
-      '@typescript-eslint/no-explicit-any': 'error'
-      '@typescript-eslint/ban-ts-ignore': 'off'
-      '@typescript-eslint/explicit-module-boundary-types': 'off'

  - files:
-      - core/**/*.ts
-    parserOptions:
-      sourceType: 'module'
-    parser: '@typescript-eslint/parser'
-  - files:
-      - gatsby-browser.js
-      - 'frontend/**/*.@(js|ts|tsx)'
+      - 'frontend/**/*.js'
    parserOptions:
      sourceType: 'module'
    env:
@@ -113,21 +107,20 @@ overrides:
      mocha: true
    rules:
      mocha/no-exclusive-tests: 'error'
+      mocha/no-skipped-tests: 'error'
      mocha/no-mocha-arrows: 'error'
      mocha/prefer-arrow-callback: 'error'

+  - files:
+      - 'services/**/*.tester.js'
+    rules:
+      icedfrisby/no-exclusive-tests: 'error'
+      icedfrisby/no-skipped-tests: 'error'
+
 rules:
  # Disable some rules from eslint:recommended.
  no-empty: ['error', { 'allowEmptyCatch': true }]

-  # Allow unused parameters. In callbacks, removing them seems to obscure
-  # what the functions are doing.
-  '@typescript-eslint/no-unused-vars': ['error', { 'args': 'none' }]
-  no-unused-vars: 'off'
-
-  '@typescript-eslint/no-var-requires': 'off'
-
-  '@typescript-eslint/no-use-before-define': 'error'
  no-use-before-define: 'off'

  # These should be disabled by eslint-config-prettier, but are not.
@@ -178,7 +171,7 @@ rules:
  jsdoc/check-tag-names: 'error'
  jsdoc/check-types: 'error'
  jsdoc/implements-on-classes: 'error'
-  jsdoc/newline-after-description: 'error'
+  jsdoc/tag-lines: ['error', 'any', { 'startLines': 1 }]
  jsdoc/require-param: 'error'
  jsdoc/require-param-description: 'error'
  jsdoc/require-param-name: 'error'
@@ -189,11 +182,7 @@ rules:
  jsdoc/require-returns-type: 'error'
  jsdoc/valid-types: 'error'

-  # Disable some from TypeScript.
-  '@typescript-eslint/camelcase': off
-  '@typescript-eslint/explicit-function-return-type': 'off'
-  '@typescript-eslint/no-empty-function': 'off'
-
+  react/prop-types: 'off'
  react/jsx-sort-props: 'error'
  react-hooks/rules-of-hooks: 'error'
  react-hooks/exhaustive-deps: 'error'
--- a/.github/ISSUE_TEMPLATE/3_Badge_request.md
+++ b/.github/ISSUE_TEMPLATE/3_Badge_request.md
@@ -1,37 +0,0 @@
---
-name: 💡 Badge Request
-about: Ideas for new badges
-labels: 'service-badge'
---
-
-:clipboard: **Description**
-
-<!--
-A clear and concise description of the new badge.
-
- Which service is this badge for e.g: GitHub, Travis CI
- What sort of information should this badge show?
-  Provide an example in plain text e.g: "version | v1.01" or as a static badge
-  (static badge generator can be found at https://shields.io)
-->
-
-:link: **Data**
-
-<!--
-Where can we get the data from?
-
- Is there a public API?
- Does the API require an API key?
- Link to the API documentation.
-->
-
-:microphone: **Motivation**
-
-<!--
-Please explain why this feature should be implemented and how it would be used.
-
- What is the specific use case?
-->
-
-<!-- Love Shields? Please consider donating $10 to sustain our activities:
-👉  https://opencollective.com/shields -->
--- a/.github/ISSUE_TEMPLATE/3_Badge_request.yml
+++ b/.github/ISSUE_TEMPLATE/3_Badge_request.yml
@@ -0,0 +1,62 @@
+name: '💡 Badge Request'
+description: Ideas for new badges
+labels: ['service-badge']
+body:
+  - type: markdown
+    attributes:
+      value: >
+        ## Ideas for new badges
+
+
+        This issue template is for suggesting new badges which
+        **fetch and display data from an upstream service**.
+        If your suggestion is for a static badge
+        (which shows the same information every time it is requested), it is
+        [already possible to make these](https://github.com/badges/shields/blob/master/doc/static-badges.md).
+        We don't add specific routes for badges which only show static information.
+
+  - type: textarea
+    id: description
+    attributes:
+      label: '📋 Description'
+      description: |
+        A clear and concise description of the new badge.
+
+        - Which service is this badge for e.g: GitHub, Travis CI
+        - What sort of information should this badge show?
+          Provide an example in plain text e.g: "version | v1.01" or as a static badge
+          (static badge generator can be found at https://shields.io/#your-badge )
+    validations:
+      required: true
+
+  - type: textarea
+    id: data
+    attributes:
+      label: '🔗 Data'
+      description: |
+        Where can we get the data from?
+
+        Please consider and cover details like:
+        - Is there a public API?
+        - Does the API require authentication or an API key?
+          If so, please review our documentation on [Badges Requiring Authentication](https://github.com/badges/shields/blob/master/doc/authentication.md)
+        - Link to the API documentation.
+    validations:
+      required: true
+
+  - type: textarea
+    id: motivation
+    attributes:
+      label: '🎤 Motivation'
+      description: |
+        Please explain why this feature should be implemented and how it would be used.
+
+        - What is the specific use case?
+    validations:
+      required: true
+
+  - type: markdown
+    attributes:
+      value: |
+        ## :heart: Love Shields?
+        Please consider donating $10 to sustain our activities: [https://opencollective.com/shields](https://opencollective.com/shields)
--- a/.github/actions/close-bot/action.yml
+++ b/.github/actions/close-bot/action.yml
@@ -8,5 +8,5 @@ inputs:
    description: 'The GITHUB_TOKEN secret'
    required: true
 runs:
-  using: 'node12'
+  using: 'node16'
  main: 'index.js'
--- a/.github/actions/close-bot/helpers.js
+++ b/.github/actions/close-bot/helpers.js
@@ -35,7 +35,6 @@ function allChangelogLinesAreVersionBump(changelogLines) {

 function isPointlessVersionBump(body) {
  const pointlessBumpLinks = [
-    'https://github.com/gatsbyjs/gatsby',
    'https://github.com/typescript-eslint/typescript-eslint',
  ]

--- a/.github/actions/close-bot/package-lock.json
+++ b/.github/actions/close-bot/package-lock.json
@@ -9,23 +9,23 @@
      "version": "0.0.0",
      "license": "CC0",
      "dependencies": {
-        "@actions/core": "^1.9.1",
-        "@actions/github": "^5.0.3"
+        "@actions/core": "^1.10.0",
+        "@actions/github": "^5.1.1"
      }
    },
    "node_modules/@actions/core": {
-      "version": "1.9.1",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
-      "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
+      "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
      "dependencies": {
        "@actions/http-client": "^2.0.1",
        "uuid": "^8.3.2"
      }
    },
    "node_modules/@actions/github": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/@actions/github/-/github-5.0.3.tgz",
-      "integrity": "sha512-myjA/pdLQfhUGLtRZC/J4L1RXOG4o6aYdiEq+zr5wVVKljzbFld+xv10k1FX6IkIJtNxbAq44BdwSNpQ015P0A==",
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/@actions/github/-/github-5.1.1.tgz",
+      "integrity": "sha512-Nk59rMDoJaV+mHCOJPXuvB1zIbomlKS0dmSIqPGxd0enAXBnOfn4VWF+CGtRCwXZG9Epa54tZA7VIRlJDS8A6g==",
      "dependencies": {
        "@actions/http-client": "^2.0.1",
        "@octokit/core": "^3.6.0",
@@ -235,18 +235,18 @@
  },
  "dependencies": {
    "@actions/core": {
-      "version": "1.9.1",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
-      "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
+      "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
      "requires": {
        "@actions/http-client": "^2.0.1",
        "uuid": "^8.3.2"
      }
    },
    "@actions/github": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/@actions/github/-/github-5.0.3.tgz",
-      "integrity": "sha512-myjA/pdLQfhUGLtRZC/J4L1RXOG4o6aYdiEq+zr5wVVKljzbFld+xv10k1FX6IkIJtNxbAq44BdwSNpQ015P0A==",
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/@actions/github/-/github-5.1.1.tgz",
+      "integrity": "sha512-Nk59rMDoJaV+mHCOJPXuvB1zIbomlKS0dmSIqPGxd0enAXBnOfn4VWF+CGtRCwXZG9Epa54tZA7VIRlJDS8A6g==",
      "requires": {
        "@actions/http-client": "^2.0.1",
        "@octokit/core": "^3.6.0",
--- a/.github/actions/close-bot/package.json
+++ b/.github/actions/close-bot/package.json
@@ -10,7 +10,7 @@
  "author": "chris48s",
  "license": "CC0",
  "dependencies": {
-    "@actions/core": "^1.9.1",
-    "@actions/github": "^5.0.3"
+    "@actions/core": "^1.10.0",
+    "@actions/github": "^5.1.1"
  }
 }
--- a/.github/actions/integration-tests/action.yml
+++ b/.github/actions/integration-tests/action.yml
@@ -0,0 +1,28 @@
+name: 'Integration tests'
+description: 'Run integration tests'
+inputs:
+  github-token:
+    description: 'The GITHUB_TOKEN secret'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+    - name: Migrate DB
+      if: always()
+      run: npm run migrate up
+      env:
+        POSTGRES_URL: postgresql://postgres:postgres@localhost:5432/ci_test
+      shell: bash
+
+    - name: Integration Tests
+      if: always()
+      run: npm run test:integration -- --reporter json --reporter-option 'output=reports/integration-tests.json'
+      env:
+        GH_TOKEN: '${{ inputs.github-token }}'
+        POSTGRES_URL: postgresql://postgres:postgres@localhost:5432/ci_test
+      shell: bash
+
+    - name: Write Markdown Summary
+      if: always()
+      run: node scripts/mocha2md.js Integration reports/integration-tests.json >> $GITHUB_STEP_SUMMARY
+      shell: bash
--- a/.github/actions/service-tests/action.yml
+++ b/.github/actions/service-tests/action.yml
@@ -0,0 +1,86 @@
+name: 'Service tests'
+description: 'Run tests for selected services'
+inputs:
+  github-token:
+    description: 'The GITHUB_TOKEN secret'
+    required: true
+  librariesio-tokens:
+    description: 'The SERVICETESTS_LIBRARIESIO_TOKENS secret'
+    required: false
+    default: ''
+  obs-user:
+    description: 'The SERVICETESTS_OBS_USER secret'
+    required: false
+    default: ''
+  obs-pass:
+    description: 'The SERVICETESTS_OBS_PASS secret'
+    required: false
+    default: ''
+  sl-insight-user-uuid:
+    description: 'The SERVICETESTS_SL_INSIGHT_USER_UUID secret'
+    required: false
+    default: ''
+  sl-insight-api-token:
+    description: 'The SERVICETESTS_SL_INSIGHT_API_TOKEN secret'
+    required: false
+    default: ''
+  twitch-client-id:
+    description: 'The SERVICETESTS_TWITCH_CLIENT_ID secret'
+    required: false
+    default: ''
+  twitch-client-secret:
+    description: 'The SERVICETESTS_TWITCH_CLIENT_SECRET secret'
+    required: false
+    default: ''
+  wheelmap-token:
+    description: 'The SERVICETESTS_WHEELMAP_TOKEN secret'
+    required: false
+    default: ''
+  youtube-api-key:
+    description: 'The SERVICETESTS_YOUTUBE_API_KEY secret'
+    required: false
+    default: ''
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Derive list of service tests to run
+      # Note: In this step we are using an intermediate env var instead of
+      # passing github.event.pull_request.title as an argument
+      # to prevent a shell injection attack. Further reading:
+      # https://securitylab.github.com/research/github-actions-untrusted-input/#exploitability-and-impact
+      # https://securitylab.github.com/research/github-actions-untrusted-input/#remediation
+      if: always()
+      env:
+        TITLE: ${{ github.event.pull_request.title }}
+      run: npm run test:services:pr:prepare "$TITLE"
+      shell: bash
+
+    - name: Run service tests
+      if: always()
+      run: npm run test:services:pr:run -- --reporter json --reporter-option 'output=reports/service-tests.json'
+      shell: bash
+      env:
+        RETRY_COUNT: 3
+        GH_TOKEN: '${{ inputs.github-token }}'
+        LIBRARIESIO_TOKENS: '${{ inputs.librariesio-tokens }}'
+        OBS_USER: '${{ inputs.obs-user }}'
+        OBS_PASS: '${{ inputs.obs-pass }}'
+        SL_INSIGHT_USER_UUID: '${{ inputs.sl-insight-user-uuid }}'
+        SL_INSIGHT_API_TOKEN: '${{ inputs.sl-insight-api-token }}'
+        TWITCH_CLIENT_ID: '${{ inputs.twitch-client-id }}'
+        TWITCH_CLIENT_SECRET: '${{ inputs.twitch-client-secret }}'
+        WHEELMAP_TOKEN: '${{ inputs.wheelmap-token }}'
+        YOUTUBE_API_KEY: '${{ inputs.youtube-api-key }}'
+
+    - name: Write Markdown Summary
+      if: always()
+      run: |
+        if test -f 'reports/service-tests.json'; then
+          echo '# Services' >> $GITHUB_STEP_SUMMARY
+          sed -e 's/^/- /' pull-request-services.log >> $GITHUB_STEP_SUMMARY
+          node scripts/mocha2md.js Report reports/service-tests.json >> $GITHUB_STEP_SUMMARY
+        else
+          echo 'No services found. Nothing to do.' >> $GITHUB_STEP_SUMMARY
+        fi
+      shell: bash
--- a/.github/actions/setup/action.yml
+++ b/.github/actions/setup/action.yml
@@ -5,21 +5,32 @@ inputs:
    description: 'Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0.'
    required: true
  cypress:
-    description: 'Install Cypress binary: 0 or 1'
+    description: 'Install Cypress binary (boolean)'
+    type: boolean
    # https://docs.cypress.io/guides/getting-started/installing-cypress.html#Skipping-installation
    # We don't need to install the Cypress binary in jobs that aren't actually running Cypress.
    required: false
-    default: 0
+    default: false
 runs:
  using: 'composite'
  steps:
    - name: Install Node JS ${{ inputs.node-version }}
-      uses: actions/setup-node@v2
+      uses: actions/setup-node@v3
      with:
        node-version: ${{ inputs.node-version }}

    - name: Install dependencies
+      if: ${{ inputs.cypress == 'false' }}
      env:
-        CYPRESS_INSTALL_BINARY: ${{ inputs.cypress }}
-      run: npm ci
+        CYPRESS_INSTALL_BINARY: 0
+      run: |
+        echo "skipping cypress binary"
+        npm ci
+      shell: bash
+
+    - name: Install dependencies (including cypress binary)
+      if: ${{ inputs.cypress == 'true' }}
+      run: |
+        echo "installing cypress binary"
+        npm ci
      shell: bash
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,6 +8,7 @@ updates:
      day: friday
      time: '12:00'
    open-pull-requests-limit: 99
+    rebase-strategy: disabled
    ignore:
      # https://github.com/badges/shields/issues/7324
      # https://github.com/badges/shields/issues/7447
@@ -27,6 +28,7 @@ updates:
      day: friday
      time: '12:00'
    open-pull-requests-limit: 99
+    rebase-strategy: disabled

  # close-bot package dependencies
  - package-ecosystem: npm
@@ -36,8 +38,12 @@ updates:
      day: friday
      time: '12:00'
    open-pull-requests-limit: 99
+    rebase-strategy: disabled
+
+  # GH actions
  - package-ecosystem: 'github-actions'
    directory: '/'
    schedule:
      interval: weekly
    open-pull-requests-limit: 99
+    rebase-strategy: disabled
--- a/.github/scripts/cleanup-review-apps.sh
+++ b/.github/scripts/cleanup-review-apps.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+apps=$(flyctl apps list --json | jq -r .[].ID | grep -E "pr-[0-9]+-badges-shields") || exit 0
+
+for app in $apps
+do
+  flyctl apps destroy "$app" -y
+done
--- a/.github/scripts/deploy-review-app.sh
+++ b/.github/scripts/deploy-review-app.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+app="pr-$PR_NUMBER-badges-shields"
+region="ewr"
+org="shields-io"
+
+# Get PR JSON from the API
+# This will fail if $PR_NUMBER is not a valid PR
+pr_json=$(curl --fail "https://api.github.com/repos/badges/shields/pulls/$PR_NUMBER")
+
+# Attempt to apply the PR diff to the target branch
+# This will fail if it does not merge cleanly
+git config user.name "actions[bot]"
+git config user.email "actions@users.noreply.github.com"
+git fetch origin "pull/$PR_NUMBER/head:pr-$PR_NUMBER"
+git merge "pr-$PR_NUMBER"
+
+# If the app does not already exist, create it
+if ! flyctl status --app "$app"; then
+  flyctl launch --no-deploy --copy-config --name "$app" --region "$region" --org "$org"
+  echo $SECRETS | tr " " "\n" | flyctl secrets import --app "$app"
+fi
+
+# Deploy
+flyctl deploy --app "$app" --region "$region"
+
+# Post a comment on the PR
+app_url=$(flyctl status --app "$app" --json | jq -r .Hostname)
+comment_url=$(echo "$pr_json" | jq .comments_url -r)
+curl "$comment_url" \
+    -X POST \
+    -H "Authorization: token $GITHUB_TOKEN" \
+    --data "{\"body\":\"🚀 Updated review app: https://$app_url\"}"
--- a/.github/workflows/auto-close.yml
+++ b/.github/workflows/auto-close.yml
@@ -1,5 +1,7 @@
 name: Auto close
-on: pull_request_target
+on:
+  pull_request_target:
+    types: [opened]

 permissions:
  pull-requests: write
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@@ -11,15 +11,17 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Set Git Short SHA
        run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV

      - name: Build
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: false
-          tags: shieldsio/shields:pr-validation
+          tags: ghcr.io/badges/shields:pr-validation
          build-args: |
            version=${{ env.SHORT_SHA }}
--- a/.github/workflows/cleanup-review-apps.yml
+++ b/.github/workflows/cleanup-review-apps.yml
@@ -0,0 +1,24 @@
+name: Cleanup Review Apps
+on:
+  schedule:
+    - cron: '0 7 * * *'
+    # At 07:00, daily
+  workflow_dispatch:
+
+jobs:
+  cleanup-review-apps:
+    runs-on: ubuntu-latest
+    environment: 'Review Apps'
+    steps:
+      - uses: actions/checkout@v3
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+
+      - name: install jq
+        run: |
+          sudo apt-get -qq update
+          sudo apt-get install -y jq
+
+      - run: .github/scripts/cleanup-review-apps.sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@@ -6,6 +6,7 @@ on:

 permissions:
  contents: write
+  packages: write

 jobs:
  create-release:
@@ -35,6 +36,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Login to DockerHub
        uses: docker/login-action@v2
@@ -43,10 +46,26 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build and push snapshot release to DockerHub
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: shieldsio/shields:server-${{ steps.date.outputs.date }}
          build-args: |
            version=server-${{ steps.date.outputs.date }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push snapshot release to GHCR
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ghcr.io/badges/shields:server-${{ steps.date.outputs.date }}
+          build-args: |
+            version=server-${{ steps.date.outputs.date }}
--- a/.github/workflows/danger.yml
+++ b/.github/workflows/danger.yml
@@ -0,0 +1,29 @@
+name: Danger
+on:
+  pull_request_target:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  checks: write
+  pull-requests: write
+  statuses: write
+
+jobs:
+  danger:
+    runs-on: ubuntu-latest
+    if: github.actor != 'dependabot[bot]' && github.actor != 'repo-ranger[bot]'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
+      - name: Danger
+        run: npm run danger ci
+        env:
+          # https://github.com/gatsbyjs/gatsby/pull/11555
+          NODE_ENV: test
+          GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/deploy-docs.yml
+++ b/.github/workflows/deploy-docs.yml
@@ -16,10 +16,13 @@ jobs:
        with:
          persist-credentials: false

+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
      - name: Build
-        run: |
-          npm ci
-          npm run build-docs
+        run: npm run build-docs

      - name: Deploy
        uses: JamesIves/github-pages-deploy-action@v4
--- a/.github/workflows/deploy-review-app.yml
+++ b/.github/workflows/deploy-review-app.yml
@@ -0,0 +1,43 @@
+name: Create/Update Review App
+on:
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: 'PR Number to deploy e.g: 1234'
+        required: true
+
+permissions:
+  pull-requests: write
+
+jobs:
+  deploy-review-app:
+    runs-on: ubuntu-latest
+    environment: 'Review Apps'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+
+      - name: install jq
+        run: |
+          sudo apt-get -qq update
+          sudo apt-get install -y jq
+
+      - run: .github/scripts/deploy-review-app.sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
+          PR_NUMBER: ${{ github.event.inputs.pr_number }}
+          # credentials to set when we create the review app
+          SECRETS: |
+            GH_TOKEN=${{ secrets.GH_PAT }}
+            LIBRARIESIO_TOKENS=${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}
+            OBS_USER=${{ secrets.SERVICETESTS_OBS_USER }}
+            OBS_PASS=${{ secrets.SERVICETESTS_OBS_PASS }}
+            SL_INSIGHT_API_TOKEN=${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}
+            SL_INSIGHT_USER_UUID=${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}
+            TWITCH_CLIENT_ID=${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}
+            TWITCH_CLIENT_SECRET=${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}
+            WHEELMAP_TOKEN=${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}
+            YOUTUBE_API_KEY=${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}
--- a/.github/workflows/enforce-dependency-review.yml
+++ b/.github/workflows/enforce-dependency-review.yml
@@ -1,5 +1,7 @@
 name: 'Dependency Review'
-on: [pull_request]
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]

 jobs:
  enforce-dependency-review:
@@ -8,4 +10,4 @@ jobs:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v2
+        uses: actions/dependency-review-action@v3
--- a/.github/workflows/publish-docker-next.yml
+++ b/.github/workflows/publish-docker-next.yml
@@ -4,6 +4,9 @@ on:
    branches:
      - master

+permissions:
+  packages: write
+
 jobs:
  publish-docker-next:
    runs-on: ubuntu-latest
@@ -13,6 +16,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
+        with:
+          version: v0.9.1

      - name: Login to DockerHub
        uses: docker/login-action@v2
@@ -23,11 +28,27 @@ jobs:
      - name: Set Git Short SHA
        run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> $GITHUB_ENV

-      - name: Build and push
-        uses: docker/build-push-action@v3
+      - name: Build and push to DockerHub
+        uses: docker/build-push-action@v4
        with:
          context: .
          push: true
          tags: shieldsio/shields:next
          build-args: |
            version=${{ env.SHORT_SHA }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push to GHCR
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ghcr.io/badges/shields:next
+          build-args: |
+            version=${{ env.SHORT_SHA }}
--- a/.github/workflows/test-e2e.yml
+++ b/.github/workflows/test-e2e.yml
@@ -0,0 +1,49 @@
+name: E2E
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches-ignore:
+      - 'gh-pages'
+      - 'dependabot/**'
+
+jobs:
+  test-e2e:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Cache Cypress binary
+        id: cache-cypress
+        uses: actions/cache@v3
+        env:
+          cache-name: cache-cypress
+        with:
+          path: ~/.cache/Cypress
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+          cypress: true
+
+      - name: Run tests
+        env:
+          GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+        run: npm run e2e
+
+      - name: Archive videos
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: videos
+          path: cypress/videos
+
+      - name: Archive screenshots
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: screenshots
+          path: cypress/screenshots
--- a/.github/workflows/test-integration-17.yml
+++ b/.github/workflows/test-integration-17.yml
@@ -0,0 +1,52 @@
+name: Integration@node 17
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches-ignore:
+      - 'gh-pages'
+      - 'dependabot/**'
+
+jobs:
+  test-integration-17:
+    runs-on: ubuntu-latest
+    env:
+      PAT_EXISTS: ${{ secrets.GH_PAT != '' }}
+
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: ci_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 17
+        env:
+          NPM_CONFIG_ENGINE_STRICT: 'false'
+
+      - name: Integration Tests (with PAT)
+        if: ${{ env.PAT_EXISTS == 'true' }}
+        uses: ./.github/actions/integration-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+
+      - name: Integration Tests (with workflow token)
+        if: ${{ env.PAT_EXISTS == 'false' }}
+        uses: ./.github/actions/integration-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/test-integration.yml
+++ b/.github/workflows/test-integration.yml
@@ -0,0 +1,50 @@
+name: Integration
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches-ignore:
+      - 'gh-pages'
+      - 'dependabot/**'
+
+jobs:
+  test-integration:
+    runs-on: ubuntu-latest
+    env:
+      PAT_EXISTS: ${{ secrets.GH_PAT != '' }}
+
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+          POSTGRES_DB: ci_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
+      - name: Integration Tests (with PAT)
+        if: ${{ env.PAT_EXISTS == 'true' }}
+        uses: ./.github/actions/integration-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+
+      - name: Integration Tests (with workflow token)
+        if: ${{ env.PAT_EXISTS == 'false' }}
+        uses: ./.github/actions/integration-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/test-lint.yml
+++ b/.github/workflows/test-lint.yml
@@ -1,9 +1,11 @@
 name: Lint
 on:
  pull_request:
+    types: [opened, reopened, synchronize]
  push:
    branches-ignore:
      - 'gh-pages'
+      - 'dependabot/**'

 jobs:
  test-lint:
--- a/.github/workflows/test-main-17.yml
+++ b/.github/workflows/test-main-17.yml
@@ -1,9 +1,11 @@
 name: Main@node 17
 on:
  pull_request:
+    types: [opened, reopened, synchronize]
  push:
    branches-ignore:
      - 'gh-pages'
+      - 'dependabot/**'

 jobs:
  test-main-17:
--- a/.github/workflows/test-main.yml
+++ b/.github/workflows/test-main.yml
@@ -1,9 +1,11 @@
 name: Main
 on:
  pull_request:
+    types: [opened, reopened, synchronize]
  push:
    branches-ignore:
      - 'gh-pages'
+      - 'dependabot/**'

 jobs:
  test-main:
--- a/.github/workflows/test-package-cli.yml
+++ b/.github/workflows/test-package-cli.yml
@@ -1,9 +1,11 @@
 name: Package CLI
 on:
  pull_request:
+    types: [opened, reopened, synchronize]
  push:
    branches-ignore:
      - 'gh-pages'
+      - 'dependabot/**'

 # Smoke test (render a badge with the CLI) with only the package
 # dependencies installed.
--- a/.github/workflows/test-package-lib.yml
+++ b/.github/workflows/test-package-lib.yml
@@ -1,9 +1,11 @@
 name: Package Library
 on:
  pull_request:
+    types: [opened, reopened, synchronize]
  push:
    branches-ignore:
      - 'gh-pages'
+      - 'dependabot/**'

 jobs:
  test-package-lib:
--- a/.github/workflows/test-services-17.yml
+++ b/.github/workflows/test-services-17.yml
@@ -0,0 +1,40 @@
+name: Services@node 17
+on:
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+
+jobs:
+  test-services-17:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 17
+        env:
+          NPM_CONFIG_ENGINE_STRICT: 'false'
+
+      - name: Service tests (triggered from local branch)
+        if: github.event.pull_request.head.repo.full_name == github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+          librariesio-tokens: '${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}'
+          obs-user: '${{ secrets.SERVICETESTS_OBS_USER }}'
+          obs-pass: '${{ secrets.SERVICETESTS_OBS_PASS }}'
+          sl-insight-user-uuid: '${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}'
+          sl-insight-api-token: '${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}'
+          twitch-client-id: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}'
+          twitch-client-secret: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}'
+          wheelmap-token: '${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}'
+          youtube-api-key: '${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}'
+
+      - name: Service tests (triggered from fork)
+        if: github.event.pull_request.head.repo.full_name != github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/test-services.yml
+++ b/.github/workflows/test-services.yml
@@ -0,0 +1,38 @@
+name: Services
+on:
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+
+jobs:
+  test-services:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
+      - name: Service tests (triggered from local branch)
+        if: github.event.pull_request.head.repo.full_name == github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GH_PAT }}'
+          librariesio-tokens: '${{ secrets.SERVICETESTS_LIBRARIESIO_TOKENS }}'
+          obs-user: '${{ secrets.SERVICETESTS_OBS_USER }}'
+          obs-pass: '${{ secrets.SERVICETESTS_OBS_PASS }}'
+          sl-insight-user-uuid: '${{ secrets.SERVICETESTS_SL_INSIGHT_USER_UUID }}'
+          sl-insight-api-token: '${{ secrets.SERVICETESTS_SL_INSIGHT_API_TOKEN }}'
+          twitch-client-id: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_ID }}'
+          twitch-client-secret: '${{ secrets.SERVICETESTS_TWITCH_CLIENT_SECRET }}'
+          wheelmap-token: '${{ secrets.SERVICETESTS_WHEELMAP_TOKEN }}'
+          youtube-api-key: '${{ secrets.SERVICETESTS_YOUTUBE_API_KEY }}'
+
+      - name: Service tests (triggered from fork)
+        if: github.event.pull_request.head.repo.full_name != github.repository
+        uses: ./.github/actions/service-tests
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
--- a/.github/workflows/update-github-api.yml
+++ b/.github/workflows/update-github-api.yml
@@ -0,0 +1,33 @@
+name: Update GitHub API Version
+on:
+  schedule:
+    - cron: '0 7 * * 6'
+    # At 07:00 on Saturday
+  workflow_dispatch:
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  update-github-api:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup
+        uses: ./.github/actions/setup
+        with:
+          node-version: 16
+
+      - name: Check for new GitHub API version
+        run: node scripts/update-github-api.js
+
+      - name: Create Pull Request if config has changed
+        uses: peter-evans/create-pull-request@v5
+        with:
+          token: '${{ secrets.GITHUB_TOKEN }}'
+          commit-message: Update GitHub API Version
+          title: Update [GitHub] API Version
+          branch-suffix: random
--- a/.gitignore
+++ b/.gitignore
@@ -92,10 +92,7 @@ typings/

 # Temporary build artifacts.
 /build
-.next
-badge-examples.json
-supported-features.json
-service-definitions.yml
+frontend/categories/*.yaml

 # Local runtime configuration.
 /config/local*.yml
@@ -103,11 +100,6 @@ service-definitions.yml
 # Template for the local runtime configuration.
 !/config/local*.template.yml

-# Gatsby
-/frontend/.cache
-/frontend/public
-/public
-
 # Cypress
 /cypress/videos/
 /cypress/screenshots/
@@ -117,3 +109,11 @@ service-definitions.yml

 # Flamebearer
 flamegraph.html
+
+# config file for node-pg-migrate
+migrations-config.json
+
+# Frontend/Docusaurus
+frontend/.docusaurus
+frontend/.cache-loader
+/public
--- a/.mocharc-frontend.yml
+++ b/.mocharc-frontend.yml
@@ -1,5 +0,0 @@
-reporter: mocha-env-reporter
-require:
-  - '@babel/polyfill'
-  - '@babel/register'
-  - mocha-yaml-loader
--- a/.nycrc-frontend.json
+++ b/.nycrc-frontend.json
@@ -1,10 +0,0 @@
-{
-  "reporter": ["lcov"],
-  "all": false,
-  "silent": true,
-  "clean": false,
-  "sourceMap": false,
-  "instrument": false,
-  "include": ["frontend/**/*.js"],
-  "exclude": ["**/*.spec.js", "**/mocha-*.js"]
-}
--- a/.prettierignore
+++ b/.prettierignore
@@ -10,5 +10,5 @@ public
 private/*.json
 /.nyc_output
 analytics.json
-supported-features.json
-service-definitions.yml
+frontend/.docusaurus
+frontend/categories
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,119 @@ Note: this changelog is for the shields.io server. The changelog for the badge-m

 ---

+## server-2023-06-01
+
+- feat: Add total commits to [GitHubCommitActivity] [#9196](https://github.com/badges/shields/issues/9196)
+- set a custom error on 429 [#9159](https://github.com/badges/shields/issues/9159)
+- deprecate [travis].org badges [#9171](https://github.com/badges/shields/issues/9171)
+- count private sponsors on [GithubSponsors] badge [#9170](https://github.com/badges/shields/issues/9170)
+- Dependency updates
+
+## server-2023-05-01
+
+** Removal:** For users who need to maintain a Github Token pool, storage has been provided via the `RedisTokenPersistence` and `REDIS_URL` settings. This feature was deprecated in `server-2023-03-01`. As of this release, the `RedisTokenPersistence` backend is now removed. If you are using this feature, you will need to migrate to using the `SQLTokenPersistence` backend for storage and provide a postgres connection string via the `POSTGRES_URL` setting. [#8922](https://github.com/badges/shields/issues/8922)
+
+- fail to start server if there are duplicate service names [#9099](https://github.com/badges/shields/issues/9099)
+- [SourceForge] Added badges for SourceForge [#9078](https://github.com/badges/shields/issues/9078) [#9102](https://github.com/badges/shields/issues/9102)
+- crates: Use `?include=` to reduce crates.io backend load [#9081](https://github.com/badges/shields/issues/9081)
+- Dependency updates
+
+## server-2023-04-02
+
+- [JenkinsCoverage] Update Jenkins Code Coverage API for new plugin version [#9010](https://github.com/badges/shields/issues/9010)
+- [CTAN] fallback to date if version is empty [#9036](https://github.com/badges/shields/issues/9036)
+- Update to [CTAN] API version 2.0 [#9016](https://github.com/badges/shields/issues/9016)
+- handle missing statistics array in [VisualStudioMarketplace] badges [#8985](https://github.com/badges/shields/issues/8985)
+- [Netlify] upgrade colors for SVG parsing [#8971](https://github.com/badges/shields/issues/8971)
+- Fix [Vcpkg] version service for different version fields [#8945](https://github.com/badges/shields/issues/8945)
+- only try to close pool if one exists [#8947](https://github.com/badges/shields/issues/8947)
+- misc minor fixes to [githubsize node pypi] [#8946](https://github.com/badges/shields/issues/8946)
+- Dependency updates
+
+## server-2023-03-01
+
+**Deprecation:** For users who need to maintain a Github Token pool, storage has been provided via the `RedisTokenPersistence` and `REDIS_URL` settings. As of this release, the `RedisTokenPersistence` backend is now deprecated and will be removed in a future release. If you are using this feature, you will need to migrate to using the `SQLTokenPersistence` backend for storage and provide a postgres connection string via the `POSTGRES_URL` setting. [#8922](https://github.com/badges/shields/issues/8922)
+
+- fix: for crates.io versions, use max_stable_version if it exists [#8687](https://github.com/badges/shields/issues/8687)
+- don't autofocus search [#8927](https://github.com/badges/shields/issues/8927)
+- Add [Vcpkg] version service [#8923](https://github.com/badges/shields/issues/8923)
+- fix: Set uid/gid in docker image to 0 [#8908](https://github.com/badges/shields/issues/8908)
+- expose port 443 in Dockerfile [#8889](https://github.com/badges/shields/issues/8889)
+- Dependency updates
+
+## server-2023-02-01
+
+- replace [twitter] badge with static fallback [#8842](https://github.com/badges/shields/issues/8842)
+- Add various [Polymart] badges [#8811](https://github.com/badges/shields/issues/8811)
+- update [githubpipenv] tests/examples [#8797](https://github.com/badges/shields/issues/8797)
+- deprecate [apm] service [#8773](https://github.com/badges/shields/issues/8773)
+- deprecate lgtm [#8771](https://github.com/badges/shields/issues/8771)
+- Dependency updates
+
+## server-2023-01-01
+
+- Breaking change: Routes for GitHub workflows badge have changed. See https://github.com/badges/shields/issues/8671 for more details
+- Behaviour change: In this release we fixed a long standing bug. GitHub badges were previously not reading the base URL from the `config.service.baseUri`.
+  This release fixes that bug, bringing the code into line with the documented behaviour. This should not cause a behaviour change for most users,
+  but users who had previously set a value in `config.service.baseUri` which was previously ignored could see this now have an effect.
+  Users who configure their instance using env vars rather than yaml should see no change.
+- Send `X-GitHub-Api-Version` when calling [GitHub] v3 API [#8669](https://github.com/badges/shields/issues/8669)
+- add [VpmVersion] badge [#8755](https://github.com/badges/shields/issues/8755)
+- Add [modrinth] game versions [#8673](https://github.com/badges/shields/issues/8673)
+- fix debug logging of undefined query params [#8540](https://github.com/badges/shields/issues/8540), [#8757](https://github.com/badges/shields/issues/8757)
+- fall back to classifiers if [pypi] license text is really long [#8690](https://github.com/badges/shields/issues/8690)
+- allow passing key to [stackexchange] [#8539](https://github.com/badges/shields/issues/8539)
+- Dependency updates
+
+## server-2022-12-01
+
+- fix: support logoColor to shield icons. [#8263](https://github.com/badges/shields/issues/8263)
+- handle missing properties array in [VisualStudioMarketplaceVersion] [#8603](https://github.com/badges/shields/issues/8603)
+- deprecate [wercker] service [#8642](https://github.com/badges/shields/issues/8642)
+- Add [Coincap] Cryptocurrency badges [#8623](https://github.com/badges/shields/issues/8623)
+- Add [modrinth] version [#8604](https://github.com/badges/shields/issues/8604)
+- [factorio-mod-portal] services [#8625](https://github.com/badges/shields/issues/8625)
+- [Coveralls] for GitLab [#8584](https://github.com/badges/shields/issues/8584), [#8644](https://github.com/badges/shields/issues/8644)
+- Remove 'suggest badges' feature [#8311](https://github.com/badges/shields/issues/8311)
+- Add [modrinth] followers [#8601](https://github.com/badges/shields/issues/8601)
+- Update the [modrinth] API to v2 [#8600](https://github.com/badges/shields/issues/8600)
+- tidy up [GitHubGist] routes [#8510](https://github.com/badges/shields/issues/8510)
+- fix [flathub] version error handling [#8500](https://github.com/badges/shields/issues/8500)
+- Dependency updates
+
+## server-2022-11-01
+
+- [Ansible] Add collection badge [#8578](https://github.com/badges/shields/issues/8578)
+- [VisualStudioMarketplace] Add support to prerelease extensions version (Issue #8207) [#8561](https://github.com/badges/shields/issues/8561)
+- feat: add [GitlabLastCommit] service [#8508](https://github.com/badges/shields/issues/8508)
+- fix [swagger] service tests (allow 0 items in array) [#8564](https://github.com/badges/shields/issues/8564)
+- fix codecov badge for non-default branch [#8565](https://github.com/badges/shields/issues/8565)
+- Add [GitHubLastCommit] by committer badge [#8537](https://github.com/badges/shields/issues/8537)
+- [GitHubReleaseDate] - published_at field [#8543](https://github.com/badges/shields/issues/8543)
+- Fix [Testspace] with new "untested" value in case_counts array [#8544](https://github.com/badges/shields/issues/8544)
+- fix: Support WAITING status for GitHub deployments [#8521](https://github.com/badges/shields/issues/8521)
+- [Whatpulse] badge for a user and for a team [#8466](https://github.com/badges/shields/issues/8466)
+- deprecate [pkgreview] service [#8499](https://github.com/badges/shields/issues/8499)
+- Dependency updates
+
+## server-2022-10-08
+
+- deprecate [criterion] service [#8501](https://github.com/badges/shields/issues/8501)
+- fix formatRelativeDate error handling; run [date] [#8497](https://github.com/badges/shields/issues/8497)
+- allow/validate bitbucket_username / bitbucket_password in private config schema [#8472](https://github.com/badges/shields/issues/8472)
+- fix [pub] points badge test and example [#8498](https://github.com/badges/shields/issues/8498)
+- feat: add [GitlabLanguageCount] service [#8377](https://github.com/badges/shields/issues/8377)
+- [GitHubGistStars] add GitHub Gist Stars [#8471](https://github.com/badges/shields/issues/8471)
+- fix display/search of CII badge examples [#8473](https://github.com/badges/shields/issues/8473)
+- feat: add 2022 support to GitHub Hacktoberfest [#8468](https://github.com/badges/shields/issues/8468)
+- fix [GitLabCoverage] subgroup bug [#8401](https://github.com/badges/shields/issues/8401)
+- implement ruby gems-specific version sort/color functions [#8434](https://github.com/badges/shields/issues/8434)
+- Add `rc` to pre-release identifiers [#8435](https://github.com/badges/shields/issues/8435)
+- add [GitHub] Number of commits between branches/tags/commits [#8394](https://github.com/badges/shields/issues/8394)
+- add [Packagist] dependency version [#8371](https://github.com/badges/shields/issues/8371)
+- fix Docker build status invalid response data bug [#8392](https://github.com/badges/shields/issues/8392)
+- Dependency updates
+
 ## server-2022-09-04

 - fix frontend compile for users running on Windows [#8350](https://github.com/badges/shields/issues/8350)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -134,9 +134,19 @@ Prettier before a commit by default.
 When adding or changing a service [please write tests][service-tests], and ensure the [title of your Pull Requests follows the required conventions](#running-service-tests-in-pull-requests) to ensure your tests are executed.
 When changing other code, please add unit tests.

-To run the integration tests, you must have redis installed and in your PATH.
-Use `brew install redis`, `yum install redis`, etc. The test runner will
-start the server automatically.
+The integration tests are not run by default. For most contributions it is OK to skip these unless you're working directly on the code for storing the GitHub token pool in postgres.
+
+To run the integration tests:
+
+- You must have PostgreSQL installed. Use `brew install postgresql`, `apt-get install postgresql`, etc.
+- Set a connection string either with an env var `POSTGRES_URL=postgresql://user:pass@127.0.0.1:5432/db_name` or by using
+  ```yaml
+  private:
+    postgres_url: 'postgresql://user:pass@127.0.0.1:5432/db_name'
+  ```
+  in a yaml config file.
+- Run `npm run migrate up` to apply DB migrations
+- Run `npm run test:integration` to run the tests

 [service-tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md

--- a/4
+++ b/4
@@ -30,8 +30,8 @@ LABEL fly.version=$version
 ENV NODE_ENV production

 WORKDIR /usr/src/app
-COPY --from=Builder /usr/src/app /usr/src/app
+COPY --from=Builder --chown=0:0 /usr/src/app /usr/src/app

 CMD node server

-EXPOSE 80
+EXPOSE 80 443
--- a/README.md
+++ b/README.md
@@ -19,9 +19,6 @@
    <a href="https://coveralls.io/github/badges/shields">
        <img src="https://img.shields.io/coveralls/github/badges/shields"
            alt="coverage"></a>
-    <a href="https://lgtm.com/projects/g/badges/shields/alerts/">
-        <img src="https://img.shields.io/lgtm/alerts/g/badges/shields"
-            alt="Total alerts"/></a>
    <a href="https://discord.gg/HjJCwm5">
        <img src="https://img.shields.io/discord/308323056592486420?logo=discord"
            alt="chat on Discord"></a>
@@ -110,7 +107,7 @@ You can read a [tutorial on how to add a badge][tutorial].

 When server source files change, the badge server should automatically restart
 itself (using [nodemon][]). When the frontend files change, the frontend dev
-server (`gatsby dev`) should also automatically reload. However the badge
+server (`docusaurus start`) should also automatically reload. However the badge
 definitions are built only before the server first starts. To regenerate those,
 either run `npm run defs` or manually restart the server.

--- a/badge-maker/lib/badge-cli.spec.js
+++ b/badge-maker/lib/badge-cli.spec.js
@@ -1,7 +1,6 @@
 'use strict'

 const path = require('path')
-const isSvg = require('is-svg')
 const { spawn } = require('child-process-promise')
 const { expect, use } = require('chai')
 use(require('chai-string'))
@@ -20,6 +19,7 @@ describe('The CLI', function () {
  })

  it('should produce default badges', async function () {
+    const { default: isSvg } = await import('is-svg')
    const { stdout } = await runCli(['cactus', 'grown'])
    expect(stdout)
      .to.satisfy(isSvg)
@@ -28,11 +28,13 @@ describe('The CLI', function () {
  })

  it('should produce colorschemed badges', async function () {
+    const { default: isSvg } = await import('is-svg')
    const { stdout } = await runCli(['cactus', 'grown', ':green'])
    expect(stdout).to.satisfy(isSvg)
  })

  it('should produce right-color badges', async function () {
+    const { default: isSvg } = await import('is-svg')
    const { stdout } = await runCli(['cactus', 'grown', '#abcdef'])
    expect(stdout).to.satisfy(isSvg).and.to.include('#abcdef')
  })
--- a/badge-maker/lib/index.spec.js
+++ b/badge-maker/lib/index.spec.js
@@ -1,11 +1,11 @@
 'use strict'

 const { expect } = require('chai')
-const isSvg = require('is-svg')
 const { makeBadge, ValidationError } = require('.')

 describe('makeBadge function', function () {
-  it('should produce badge with valid input', function () {
+  it('should produce badge with valid input', async function () {
+    const { default: isSvg } = await import('is-svg')
    expect(
      makeBadge({
        label: 'build',
--- a/badge-maker/lib/make-badge.spec.js
+++ b/badge-maker/lib/make-badge.spec.js
@@ -3,7 +3,6 @@
 const { test, given, forCases } = require('sazerac')
 const { expect } = require('chai')
 const snapshot = require('snap-shot-it')
-const isSvg = require('is-svg')
 const prettier = require('prettier')
 const makeBadge = require('./make-badge')

@@ -80,7 +79,8 @@ describe('The badge generator', function () {
  })

  describe('SVG', function () {
-    it('should produce SVG', function () {
+    it('should produce SVG', async function () {
+      const { default: isSvg } = await import('is-svg')
      expect(makeBadge({ label: 'cactus', message: 'grown', format: 'svg' }))
        .to.satisfy(isSvg)
        .and.to.include('cactus')
@@ -113,7 +113,8 @@ describe('The badge generator', function () {
      })
    })

-    it('should replace undefined svg badge style with "flat"', function () {
+    it('should replace undefined svg badge style with "flat"', async function () {
+      const { default: isSvg } = await import('is-svg')
      const jsonBadgeWithUnknownStyle = makeBadge({
        label: 'name',
        message: 'Bob',
--- a/config/custom-environment-variables.yml
+++ b/config/custom-environment-variables.yml
@@ -94,10 +94,12 @@ private:
  obs_user: 'OBS_USER'
  obs_pass: 'OBS_PASS'
  redis_url: 'REDIS_URL'
+  postgres_url: 'POSTGRES_URL'
  sentry_dsn: 'SENTRY_DSN'
  sl_insight_userUuid: 'SL_INSIGHT_USER_UUID'
  sl_insight_apiToken: 'SL_INSIGHT_API_TOKEN'
  sonarqube_token: 'SONARQUBE_TOKEN'
+  stackapps_api_key: 'STACKAPPS_API_KEY'
  teamcity_user: 'TEAMCITY_USER'
  teamcity_pass: 'TEAMCITY_PASS'
  twitch_client_id: 'TWITCH_CLIENT_ID'
--- a/config/default.yml
+++ b/config/default.yml
@@ -1,7 +1,6 @@
 public:
  bind:
    address: '::'
-
  metrics:
    prometheus:
      enabled: false
@@ -12,33 +11,26 @@ public:
      intervalSeconds: 15
  ssl:
    isSecure: false
-
  cors:
    allowedOrigin: []
-
  services:
    github:
-      baseUri: 'https://api.github.com/'
+      baseUri: 'https://api.github.com'
      debug:
        enabled: false
        intervalSeconds: 200
+      restApiVersion: '2022-11-28'
    obs:
      authorizedOrigins: 'https://api.opensuse.org'
    weblate:
      authorizedOrigins: 'https://hosted.weblate.org'
    trace: false
-
  cacheHeaders:
    defaultCacheLengthSeconds: 120
-
  handleInternalErrors: true
-
  fetchLimit: '10MB'
  userAgentBase: 'shields (self-hosted)'
-
  requestTimeoutSeconds: 120
  requestTimeoutMaxAgeSeconds: 30
-
  requireCloudflare: false
-
 private: {}
--- a/config/local-shields-io-production.template.yml
+++ b/config/local-shields-io-production.template.yml
@@ -4,7 +4,6 @@ private:
  gh_client_id: ...
  gh_client_secret: ...
  gitlab_token: ...
-  redis_url: ...
  sentry_dsn: ...
  shields_secret: ...
  sl_insight_userUuid: ...
--- a/core/badge-urls/make-badge-url.d.ts
+++ b/core/badge-urls/make-badge-url.d.ts
@@ -1,112 +0,0 @@
-export function badgeUrlFromPath({
-  baseUrl,
-  path,
-  queryParams,
-  style,
-  format,
-  longCache,
-}: {
-  baseUrl?: string
-  path: string
-  queryParams: { [k: string]: string | number | boolean }
-  style?: string
-  format?: string
-  longCache?: boolean
-}): string
-
-export function badgeUrlFromPattern({
-  baseUrl,
-  pattern,
-  namedParams,
-  queryParams,
-  style,
-  format,
-  longCache,
-}: {
-  baseUrl?: string
-  pattern: string
-  namedParams: { [k: string]: string }
-  queryParams: { [k: string]: string | number | boolean }
-  style?: string
-  format?: string
-  longCache?: boolean
-}): string
-
-export function encodeField(s: string): string
-
-export function staticBadgeUrl({
-  baseUrl,
-  label,
-  message,
-  labelColor,
-  color,
-  style,
-  namedLogo,
-  format,
-  links,
-}: {
-  baseUrl?: string
-  label: string
-  message: string
-  labelColor?: string
-  color?: string
-  style?: string
-  namedLogo?: string
-  format?: string
-  links?: string[]
-}): string
-
-export function queryStringStaticBadgeUrl({
-  baseUrl,
-  label,
-  message,
-  color,
-  labelColor,
-  style,
-  namedLogo,
-  logoColor,
-  logoWidth,
-  logoPosition,
-  format,
-}: {
-  baseUrl?: string
-  label: string
-  message: string
-  color?: string
-  labelColor?: string
-  style?: string
-  namedLogo?: string
-  logoColor?: string
-  logoWidth?: number
-  logoPosition?: number
-  format?: string
-}): string
-
-export function dynamicBadgeUrl({
-  baseUrl,
-  datatype,
-  label,
-  dataUrl,
-  query,
-  prefix,
-  suffix,
-  color,
-  style,
-  format,
-}: {
-  baseUrl?: string
-  datatype: string
-  label: string
-  dataUrl: string
-  query: string
-  prefix: string
-  suffix: string
-  color?: string
-  style?: string
-  format?: string
-}): string
-
-export function rasterRedirectUrl(
-  { rasterUrl }: { rasterUrl: string },
-  badgeUrl: string
-): string
--- a/core/badge-urls/make-badge-url.js
+++ b/core/badge-urls/make-badge-url.js
@@ -1,147 +1,5 @@
 // Avoid "Attempted import error: 'URL' is not exported from 'url'" in frontend.
 import url from 'url'
-import queryString from 'query-string'
-import { compile } from 'path-to-regexp'
-
-function badgeUrlFromPath({
-  baseUrl = '',
-  path,
-  queryParams,
-  style,
-  format = '',
-  longCache = false,
-}) {
-  const outExt = format.length ? `.${format}` : ''
-
-  const outQueryString = queryString.stringify({
-    cacheSeconds: longCache ? '2592000' : undefined,
-    style,
-    ...queryParams,
-  })
-  const suffix = outQueryString ? `?${outQueryString}` : ''
-
-  return `${baseUrl}${path}${outExt}${suffix}`
-}
-
-function badgeUrlFromPattern({
-  baseUrl = '',
-  pattern,
-  namedParams,
-  queryParams,
-  style,
-  format = '',
-  longCache = false,
-}) {
-  const toPath = compile(pattern, {
-    strict: true,
-    sensitive: true,
-    encode: encodeURIComponent,
-  })
-
-  const path = toPath(namedParams)
-
-  return badgeUrlFromPath({
-    baseUrl,
-    path,
-    queryParams,
-    style,
-    format,
-    longCache,
-  })
-}
-
-function encodeField(s) {
-  return encodeURIComponent(s.replace(/-/g, '--').replace(/_/g, '__'))
-}
-
-function staticBadgeUrl({
-  baseUrl = '',
-  label,
-  message,
-  labelColor,
-  color = 'lightgray',
-  style,
-  namedLogo,
-  format = '',
-  links = [],
-}) {
-  const path = [label, message, color].map(encodeField).join('-')
-  const outQueryString = queryString.stringify({
-    labelColor,
-    style,
-    logo: namedLogo,
-    link: links,
-  })
-  const outExt = format.length ? `.${format}` : ''
-  const suffix = outQueryString ? `?${outQueryString}` : ''
-  return `${baseUrl}/badge/${path}${outExt}${suffix}`
-}
-
-function queryStringStaticBadgeUrl({
-  baseUrl = '',
-  label,
-  message,
-  color,
-  labelColor,
-  style,
-  namedLogo,
-  logoColor,
-  logoWidth,
-  logoPosition,
-  format = '',
-}) {
-  // schemaVersion could be a parameter if we iterate on it,
-  // for now it's hardcoded to the only supported version.
-  const schemaVersion = '1'
-  const suffix = `?${queryString.stringify({
-    label,
-    message,
-    color,
-    labelColor,
-    style,
-    logo: namedLogo,
-    logoColor,
-    logoWidth,
-    logoPosition,
-  })}`
-  const outExt = format.length ? `.${format}` : ''
-  return `${baseUrl}/static/v${schemaVersion}${outExt}${suffix}`
-}
-
-function dynamicBadgeUrl({
-  baseUrl,
-  datatype,
-  label,
-  dataUrl,
-  query,
-  prefix,
-  suffix,
-  color,
-  style,
-  format = '',
-}) {
-  const outExt = format.length ? `.${format}` : ''
-
-  const queryParams = {
-    label,
-    url: dataUrl,
-    query,
-    style,
-  }
-
-  if (color) {
-    queryParams.color = color
-  }
-  if (prefix) {
-    queryParams.prefix = prefix
-  }
-  if (suffix) {
-    queryParams.suffix = suffix
-  }
-
-  const outQueryString = queryString.stringify(queryParams)
-  return `${baseUrl}/badge/dynamic/${datatype}${outExt}?${outQueryString}`
-}

 function rasterRedirectUrl({ rasterUrl }, badgeUrl) {
  // Ensure we're always using the `rasterUrl` by using just the path from
@@ -152,12 +10,4 @@ function rasterRedirectUrl({ rasterUrl }, badgeUrl) {
  return result
 }

-export {
-  badgeUrlFromPath,
-  badgeUrlFromPattern,
-  encodeField,
-  staticBadgeUrl,
-  queryStringStaticBadgeUrl,
-  dynamicBadgeUrl,
-  rasterRedirectUrl,
-}
+export { rasterRedirectUrl }
--- a/core/badge-urls/make-badge-url.spec.js
+++ b/core/badge-urls/make-badge-url.spec.js
@@ -1,155 +0,0 @@
-import { test, given } from 'sazerac'
-import {
-  badgeUrlFromPath,
-  badgeUrlFromPattern,
-  encodeField,
-  staticBadgeUrl,
-  queryStringStaticBadgeUrl,
-  dynamicBadgeUrl,
-} from './make-badge-url.js'
-
-describe('Badge URL generation functions', function () {
-  test(badgeUrlFromPath, () => {
-    given({
-      baseUrl: 'http://example.com',
-      path: '/npm/v/gh-badges',
-      style: 'flat-square',
-      longCache: true,
-    }).expect(
-      'http://example.com/npm/v/gh-badges?cacheSeconds=2592000&style=flat-square'
-    )
-  })
-
-  test(badgeUrlFromPattern, () => {
-    given({
-      baseUrl: 'http://example.com',
-      pattern: '/npm/v/:packageName',
-      namedParams: { packageName: 'gh-badges' },
-      style: 'flat-square',
-      longCache: true,
-    }).expect(
-      'http://example.com/npm/v/gh-badges?cacheSeconds=2592000&style=flat-square'
-    )
-  })
-
-  test(encodeField, () => {
-    given('foo').expect('foo')
-    given('').expect('')
-    given('happy go lucky').expect('happy%20go%20lucky')
-    given('do-right').expect('do--right')
-    given('it_is_a_snake').expect('it__is__a__snake')
-  })
-
-  test(staticBadgeUrl, () => {
-    given({
-      label: 'foo',
-      message: 'bar',
-      color: 'blue',
-      style: 'flat-square',
-    }).expect('/badge/foo-bar-blue?style=flat-square')
-    given({
-      label: 'foo',
-      message: 'bar',
-      color: 'blue',
-      style: 'flat-square',
-      format: 'png',
-      namedLogo: 'github',
-    }).expect('/badge/foo-bar-blue.png?logo=github&style=flat-square')
-    given({
-      label: 'Hello World',
-      message: 'Привет Мир',
-      color: '#aabbcc',
-    }).expect(
-      '/badge/Hello%20World-%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%20%D0%9C%D0%B8%D1%80-%23aabbcc'
-    )
-    given({
-      label: '123-123',
-      message: 'abc-abc',
-      color: 'blue',
-    }).expect('/badge/123--123-abc--abc-blue')
-    given({
-      label: '123-123',
-      message: '',
-      color: 'blue',
-      style: 'social',
-    }).expect('/badge/123--123--blue?style=social')
-    given({
-      label: '',
-      message: 'blue',
-      color: 'blue',
-    }).expect('/badge/-blue-blue')
-  })
-
-  test(queryStringStaticBadgeUrl, () => {
-    // the query-string library sorts parameters by name
-    given({
-      label: 'foo',
-      message: 'bar',
-      color: 'blue',
-      style: 'flat-square',
-    }).expect('/static/v1?color=blue&label=foo&message=bar&style=flat-square')
-    given({
-      label: 'foo Bar',
-      message: 'bar Baz',
-      color: 'blue',
-      style: 'flat-square',
-      format: 'png',
-      namedLogo: 'github',
-    }).expect(
-      '/static/v1.png?color=blue&label=foo%20Bar&logo=github&message=bar%20Baz&style=flat-square'
-    )
-    given({
-      label: 'Hello World',
-      message: 'Привет Мир',
-      color: '#aabbcc',
-    }).expect(
-      '/static/v1?color=%23aabbcc&label=Hello%20World&message=%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%20%D0%9C%D0%B8%D1%80'
-    )
-  })
-
-  test(dynamicBadgeUrl, () => {
-    const dataUrl = 'http://example.com/foo.json'
-    const query = '$.bar'
-    const prefix = 'value: '
-    given({
-      baseUrl: 'http://img.example.com',
-      datatype: 'json',
-      label: 'foo',
-      dataUrl,
-      query,
-      prefix,
-      style: 'plastic',
-    }).expect(
-      [
-        'http://img.example.com/badge/dynamic/json',
-        '?label=foo',
-        `&prefix=${encodeURIComponent(prefix)}`,
-        `&query=${encodeURIComponent(query)}`,
-        '&style=plastic',
-        `&url=${encodeURIComponent(dataUrl)}`,
-      ].join('')
-    )
-    const suffix = '<- value'
-    const color = 'blue'
-    given({
-      baseUrl: 'http://img.example.com',
-      datatype: 'json',
-      label: 'foo',
-      dataUrl,
-      query,
-      suffix,
-      color,
-      style: 'plastic',
-    }).expect(
-      [
-        'http://img.example.com/badge/dynamic/json',
-        '?color=blue',
-        '&label=foo',
-        `&query=${encodeURIComponent(query)}`,
-        '&style=plastic',
-        `&suffix=${encodeURIComponent(suffix)}`,
-        `&url=${encodeURIComponent(dataUrl)}`,
-      ].join('')
-    )
-  })
-})
--- a/core/base-service/base-graphql.js
+++ b/core/base-service/base-graphql.js
@@ -44,6 +44,12 @@ class BaseGraphqlService extends BaseService {
   *    and custom error messages e.g: `{ 404: 'package not found' }`.
   *    This can be used to extend or override the
   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.systemErrors={}] Key-value map of got network exception codes
+   *    and an object of params to pass when we construct an Inaccessible exception object
+   *    e.g: `{ ECONNRESET: { prettyMessage: 'connection reset' } }`.
+   *    See {@link https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md#errorcodes got error codes}
+   *    for allowed keys
+   *    and {@link module:core/base-service/errors~RuntimeErrorProps} for allowed values
   * @param {Function} [attrs.transformJson=data => data] Function which takes the raw json and transforms it before
   * further procesing. In case of multiple query in a single graphql call and few of them
   * throw error, partial data might be used ignoring the error.
@@ -62,6 +68,7 @@ class BaseGraphqlService extends BaseService {
    variables = {},
    options = {},
    httpErrorMessages = {},
+    systemErrors = {},
    transformJson = data => data,
    transformErrors = defaultTransformErrors,
  }) {
@@ -74,7 +81,8 @@ class BaseGraphqlService extends BaseService {
    const { buffer } = await this._request({
      url,
      options: mergedOptions,
-      errorMessages: httpErrorMessages,
+      httpErrors: httpErrorMessages,
+      systemErrors,
    })
    const json = transformJson(this._parseJson(buffer))
    if (json.errors) {
--- a/core/base-service/base-json.js
+++ b/core/base-service/base-json.js
@@ -30,14 +30,26 @@ class BaseJsonService extends BaseService {
   * @param {string} attrs.url URL to request
   * @param {object} [attrs.options={}] Options to pass to got. See
   *    [documentation](https://github.com/sindresorhus/got/blob/main/documentation/2-options.md)
-   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   * @param {object} [attrs.httpErrors={}] Key-value map of status codes
   *    and custom error messages e.g: `{ 404: 'package not found' }`.
   *    This can be used to extend or override the
   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.systemErrors={}] Key-value map of got network exception codes
+   *    and an object of params to pass when we construct an Inaccessible exception object
+   *    e.g: `{ ECONNRESET: { prettyMessage: 'connection reset' } }`.
+   *    See {@link https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md#errorcodes got error codes}
+   *    for allowed keys
+   *    and {@link module:core/base-service/errors~RuntimeErrorProps} for allowed values
   * @returns {object} Parsed response
   * @see https://github.com/sindresorhus/got/blob/main/documentation/2-options.md
   */
-  async _requestJson({ schema, url, options = {}, errorMessages = {} }) {
+  async _requestJson({
+    schema,
+    url,
+    options = {},
+    httpErrors = {},
+    systemErrors = {},
+  }) {
    const mergedOptions = {
      ...{ headers: { Accept: 'application/json' } },
      ...options,
@@ -45,7 +57,8 @@ class BaseJsonService extends BaseService {
    const { buffer } = await this._request({
      url,
      options: mergedOptions,
-      errorMessages,
+      httpErrors,
+      systemErrors,
    })
    const json = this._parseJson(buffer)
    return this.constructor._validate(json, schema)
--- a/core/base-service/base-svg-scraping.js
+++ b/core/base-service/base-svg-scraping.js
@@ -53,10 +53,16 @@ class BaseSvgScrapingService extends BaseService {
   * @param {string} attrs.url URL to request
   * @param {object} [attrs.options={}] Options to pass to got. See
   *    [documentation](https://github.com/sindresorhus/got/blob/main/documentation/2-options.md)
-   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   * @param {object} [attrs.httpErrors={}] Key-value map of status codes
   *    and custom error messages e.g: `{ 404: 'package not found' }`.
   *    This can be used to extend or override the
   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.systemErrors={}] Key-value map of got network exception codes
+   *    and an object of params to pass when we construct an Inaccessible exception object
+   *    e.g: `{ ECONNRESET: { prettyMessage: 'connection reset' } }`.
+   *    See {@link https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md#errorcodes got error codes}
+   *    for allowed keys
+   *    and {@link module:core/base-service/errors~RuntimeErrorProps} for allowed values
   * @returns {object} Parsed response
   * @see https://github.com/sindresorhus/got/blob/main/documentation/2-options.md
   */
@@ -65,7 +71,8 @@ class BaseSvgScrapingService extends BaseService {
    valueMatcher,
    url,
    options = {},
-    errorMessages = {},
+    httpErrors = {},
+    systemErrors = {},
  }) {
    const logTrace = (...args) => trace.logTrace('fetch', ...args)
    const mergedOptions = {
@@ -75,7 +82,8 @@ class BaseSvgScrapingService extends BaseService {
    const { buffer } = await this._request({
      url,
      options: mergedOptions,
-      errorMessages,
+      httpErrors,
+      systemErrors,
    })
    logTrace(emojic.dart, 'Response SVG', buffer)
    const data = {
--- a/core/base-service/base-xml.js
+++ b/core/base-service/base-xml.js
@@ -24,10 +24,16 @@ class BaseXmlService extends BaseService {
   * @param {string} attrs.url URL to request
   * @param {object} [attrs.options={}] Options to pass to got. See
   *    [documentation](https://github.com/sindresorhus/got/blob/main/documentation/2-options.md)
-   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   * @param {object} [attrs.httpErrors={}] Key-value map of status codes
   *    and custom error messages e.g: `{ 404: 'package not found' }`.
   *    This can be used to extend or override the
   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.systemErrors={}] Key-value map of got network exception codes
+   *    and an object of params to pass when we construct an Inaccessible exception object
+   *    e.g: `{ ECONNRESET: { prettyMessage: 'connection reset' } }`.
+   *    See {@link https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md#errorcodes got error codes}
+   *    for allowed keys
+   *    and {@link module:core/base-service/errors~RuntimeErrorProps} for allowed values
   * @param {object} [attrs.parserOptions={}] Options to pass to fast-xml-parser. See
   *    [documentation](https://github.com/NaturalIntelligence/fast-xml-parser#xml-to-json)
   * @returns {object} Parsed response
@@ -38,7 +44,8 @@ class BaseXmlService extends BaseService {
    schema,
    url,
    options = {},
-    errorMessages = {},
+    httpErrors = {},
+    systemErrors = {},
    parserOptions = {},
  }) {
    const logTrace = (...args) => trace.logTrace('fetch', ...args)
@@ -49,7 +56,8 @@ class BaseXmlService extends BaseService {
    const { buffer } = await this._request({
      url,
      options: mergedOptions,
-      errorMessages,
+      httpErrors,
+      systemErrors,
    })
    const validateResult = XMLValidator.validate(buffer)
    if (validateResult !== true) {
--- a/core/base-service/base-yaml.js
+++ b/core/base-service/base-yaml.js
@@ -23,10 +23,16 @@ class BaseYamlService extends BaseService {
   * @param {string} attrs.url URL to request
   * @param {object} [attrs.options={}] Options to pass to got. See
   *    [documentation](https://github.com/sindresorhus/got/blob/main/documentation/2-options.md)
-   * @param {object} [attrs.errorMessages={}] Key-value map of status codes
+   * @param {object} [attrs.httpErrors={}] Key-value map of status codes
   *    and custom error messages e.g: `{ 404: 'package not found' }`.
   *    This can be used to extend or override the
   *    [default](https://github.com/badges/shields/blob/master/core/base-service/check-error-response.js#L5)
+   * @param {object} [attrs.systemErrors={}] Key-value map of got network exception codes
+   *    and an object of params to pass when we construct an Inaccessible exception object
+   *    e.g: `{ ECONNRESET: { prettyMessage: 'connection reset' } }`.
+   *    See {@link https://github.com/sindresorhus/got/blob/main/documentation/7-retry.md#errorcodes got error codes}
+   *    for allowed keys
+   *    and {@link module:core/base-service/errors~RuntimeErrorProps} for allowed values
   * @param {object} [attrs.encoding='utf8'] Character encoding
   * @returns {object} Parsed response
   * @see https://github.com/sindresorhus/got/blob/main/documentation/2-options.md
@@ -35,7 +41,8 @@ class BaseYamlService extends BaseService {
    schema,
    url,
    options = {},
-    errorMessages = {},
+    httpErrors = {},
+    systemErrors = {},
    encoding = 'utf8',
  }) {
    const logTrace = (...args) => trace.logTrace('fetch', ...args)
@@ -51,7 +58,8 @@ class BaseYamlService extends BaseService {
    const { buffer } = await this._request({
      url,
      options: mergedOptions,
-      errorMessages,
+      httpErrors,
+      systemErrors,
    })
    let parsed
    try {
--- a/core/base-service/base.js
+++ b/core/base-service/base.js
@@ -140,6 +140,15 @@ class BaseService {
   */
  static examples = []

+  /**
+   * Optional: an OpenAPI Paths Object describing this service's
+   * route or routes in OpenAPI format.
+   *
+   * @see https://swagger.io/specification/#paths-object
+   * @abstract
+   */
+  static openApi = undefined
+
  static get _cacheLength() {
    const cacheLengths = {
      build: 30,
@@ -183,7 +192,7 @@ class BaseService {
  }

  static getDefinition() {
-    const { category, name, isDeprecated } = this
+    const { category, name, isDeprecated, openApi } = this
    const { base, format, pattern } = this.route
    const queryParams = getQueryParamNames(this.route)

@@ -200,7 +209,7 @@ class BaseService {
      route = undefined
    }

-    const result = { category, name, isDeprecated, route, examples }
+    const result = { category, name, isDeprecated, route, examples, openApi }

    assertValidServiceDefinition(result, `getDefinition() for ${this.name}`)

@@ -217,12 +226,18 @@ class BaseService {
    this._metricHelper = metricHelper
  }

-  async _request({ url, options = {}, errorMessages = {} }) {
+  async _request({ url, options = {}, httpErrors = {}, systemErrors = {} }) {
    const logTrace = (...args) => trace.logTrace('fetch', ...args)
    let logUrl = url
    const logOptions = Object.assign({}, options)
-    if ('searchParams' in options) {
-      const params = new URLSearchParams(options.searchParams)
+    if ('searchParams' in options && options.searchParams != null) {
+      const params = new URLSearchParams(
+        Object.fromEntries(
+          Object.entries(options.searchParams).filter(
+            ([k, v]) => v !== undefined
+          )
+        )
+      )
      logUrl = `${url}?${params.toString()}`
      delete logOptions.searchParams
    }
@@ -231,10 +246,14 @@ class BaseService {
      'Request',
      `${logUrl}\n${JSON.stringify(logOptions, null, 2)}`
    )
-    const { res, buffer } = await this._requestFetcher(url, options)
+    const { res, buffer } = await this._requestFetcher(
+      url,
+      options,
+      systemErrors
+    )
    await this._meterResponse(res, buffer)
    logTrace(emojic.dart, 'Response status code', res.statusCode)
-    return checkErrorResponse(errorMessages)({ buffer, res })
+    return checkErrorResponse(httpErrors)({ buffer, res })
  }

  static enabledMetrics = []
@@ -313,11 +332,15 @@ class BaseService {
      error instanceof Deprecated
    ) {
      trace.logTrace('outbound', emojic.noGoodWoman, 'Handled error', error)
-      return {
+      const serviceData = {
        isError: true,
        message: error.prettyMessage,
        color: 'lightgray',
      }
+      if (error.cacheSeconds !== undefined) {
+        serviceData.cacheSeconds = error.cacheSeconds
+      }
+      return serviceData
    } else if (this._handleInternalErrors) {
      if (
        !trace.logTrace(
--- a/core/base-service/base.spec.js
+++ b/core/base-service/base.spec.js
@@ -440,14 +440,21 @@ describe('BaseService', function () {
      )

      const url = 'some-url'
-      const options = { headers: { Cookie: 'some-cookie' } }
+      const options = {
+        headers: { Cookie: 'some-cookie' },
+        searchParams: { param1: 'foobar', param2: undefined },
+      }
      await serviceInstance._request({ url, options })

      expect(trace.logTrace).to.be.calledWithMatch(
        'fetch',
        sinon.match.string,
        'Request',
-        `${url}\n${JSON.stringify(options, null, 2)}`
+        `${url}?param1=foobar\n${JSON.stringify(
+          { headers: options.headers },
+          null,
+          2
+        )}`
      )
      expect(trace.logTrace).to.be.calledWithMatch(
        'fetch',
--- a/core/base-service/cache-headers.js
+++ b/core/base-service/cache-headers.js
@@ -39,6 +39,7 @@ function coalesceCacheLength({
  assert(defaultCacheLengthSeconds !== undefined)

  const cacheLength = coalesce(
+    serviceOverrideCacheLengthSeconds,
    serviceDefaultCacheLengthSeconds,
    defaultCacheLengthSeconds
  )
@@ -46,7 +47,6 @@ function coalesceCacheLength({
  // Overrides can apply _more_ caching, but not less. Query param overriding
  // can request more overriding than service override, but not less.
  const candidateOverrides = [
-    serviceOverrideCacheLengthSeconds,
    overrideCacheLengthFromQueryParams(queryParams),
  ].filter(x => x !== undefined)

--- a/core/base-service/cache-headers.spec.js
+++ b/core/base-service/cache-headers.spec.js
@@ -74,12 +74,12 @@ describe('Cache header functions', function () {
        serviceDefaultCacheLengthSeconds: 900,
        serviceOverrideCacheLengthSeconds: 400,
        queryParams: {},
-      }).expect(900)
+      }).expect(400)
      given({
        cacheHeaderConfig,
        serviceOverrideCacheLengthSeconds: 400,
        queryParams: {},
-      }).expect(777)
+      }).expect(400)
      given({
        cacheHeaderConfig,
        serviceOverrideCacheLengthSeconds: 900,
--- a/core/base-service/check-error-response.js
+++ b/core/base-service/check-error-response.js
@@ -2,21 +2,22 @@ import { NotFound, InvalidResponse, Inaccessible } from './errors.js'

 const defaultErrorMessages = {
  404: 'not found',
+  429: 'rate limited by upstream service',
 }

-export default function checkErrorResponse(errorMessages = {}) {
+export default function checkErrorResponse(httpErrors = {}) {
  return async function ({ buffer, res }) {
    let error
-    errorMessages = { ...defaultErrorMessages, ...errorMessages }
+    httpErrors = { ...defaultErrorMessages, ...httpErrors }
    if (res.statusCode === 404) {
-      error = new NotFound({ prettyMessage: errorMessages[404] })
+      error = new NotFound({ prettyMessage: httpErrors[404] })
    } else if (res.statusCode !== 200) {
      const underlying = Error(
        `Got status code ${res.statusCode} (expected 200)`
      )
      const props = { underlyingError: underlying }
-      if (errorMessages[res.statusCode] !== undefined) {
-        props.prettyMessage = errorMessages[res.statusCode]
+      if (httpErrors[res.statusCode] !== undefined) {
+        props.prettyMessage = httpErrors[res.statusCode]
      }
      if (res.statusCode >= 500) {
        error = new Inaccessible(props)
--- a/core/base-service/check-error-response.spec.js
+++ b/core/base-service/check-error-response.spec.js
@@ -45,6 +45,42 @@ describe('async error handler', function () {
    })
  })

+  context('when status is 429', function () {
+    const buffer = Buffer.from('some stuff')
+    const res = { statusCode: 429 }
+
+    it('throws InvalidResponse', async function () {
+      try {
+        await checkErrorResponse()({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(InvalidResponse)
+        expect(e.message).to.equal(
+          'Invalid Response: Got status code 429 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal('rate limited by upstream service')
+        expect(e.response).to.equal(res)
+        expect(e.buffer).to.equal(buffer)
+      }
+    })
+
+    it('displays the custom too many requests', async function () {
+      const notFoundMessage = "terribly sorry but that's one too many requests"
+      try {
+        await checkErrorResponse({ 429: notFoundMessage })({ res, buffer })
+        expect.fail('Expected to throw')
+      } catch (e) {
+        expect(e).to.be.an.instanceof(InvalidResponse)
+        expect(e.message).to.equal(
+          'Invalid Response: Got status code 429 (expected 200)'
+        )
+        expect(e.prettyMessage).to.equal(
+          "terribly sorry but that's one too many requests"
+        )
+      }
+    })
+  })
+
  context('when status is 4xx', function () {
    it('throws InvalidResponse', async function () {
      const res = { statusCode: 499 }
--- a/core/base-service/coalesce-badge.js
+++ b/core/base-service/coalesce-badge.js
@@ -16,16 +16,15 @@ import toArray from './to-array.js'
 //
 // Logos are resolved in this manner:
 //
-// 1. When `?logo=` contains the name of one of the Shields logos, or contains
-//    base64-encoded SVG, that logo is used. In the case of a named logo, when
-//    a `&logoColor=` is specified, that color is used. Otherwise the default
-//    color is used. `logoColor` will not be applied to a custom
-//    (base64-encoded) logo; if a custom color is desired the logo should be
-//    recolored prior to making the request. The appearance of the logo can be
-//    customized using `logoWidth`, and in the case of the popout badge,
-//    `logoPosition`. When `?logo=` is specified, any logo-related parameters
-//    specified dynamically by the service, or by default in the service, are
-//    ignored.
+// 1. When `?logo=` contains a named logo or the name of one of the Shields
+//    logos or contains base64-encoded SVG, that logo is used. When a
+//    `&logoColor=` is specified, that color is used (except for the
+//    base64-encoded logos). Otherwise the default color is used. If the color
+//    is specified for a multicolor Shield logo, the named logo will be used and
+//    colored. The appearance of the logo can be customized using `logoWidth`,
+//    and in the case of the popout badge, `logoPosition`. When `?logo=` is
+//    specified, any logo-related parameters specified dynamically by the
+//    service, or by default in the service, are ignored.
 // 2. The second precedence is the dynamic logo returned by a service. This is
 //    used only by the Endpoint badge. The `logoColor` can be overridden by the
 //    query string.
--- a/core/base-service/coalesce-badge.spec.js
+++ b/core/base-service/coalesce-badge.spec.js
@@ -153,10 +153,18 @@ describe('coalesceBadge', function () {
      ).and.not.to.be.empty
    })

-    it('applies the named logo with color', function () {
+    it('applies the named monochrome logo with color', function () {
+      expect(
+        coalesceBadge({}, { namedLogo: 'dependabot', logoColor: 'blue' }, {})
+          .logo
+      ).to.equal(getShieldsIcon({ name: 'dependabot', color: 'blue' })).and.not
+        .to.be.empty
+    })
+
+    it('applies the named multicolored logo with color', function () {
      expect(
        coalesceBadge({}, { namedLogo: 'npm', logoColor: 'blue' }, {}).logo
-      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.to.be
+      ).to.equal(getSimpleIcon({ name: 'npm', color: 'blue' })).and.not.to.be
        .empty
    })

@@ -166,15 +174,25 @@ describe('coalesceBadge', function () {
      ).to.equal(getShieldsIcon({ name: 'npm' })).and.not.be.empty
    })

-    it('overrides the logo with a color', function () {
+    it('overrides the monochrome logo with a color', function () {
+      expect(
+        coalesceBadge(
+          { logo: 'dependabot', logoColor: 'blue' },
+          { namedLogo: 'appveyor' },
+          {}
+        ).logo
+      ).to.equal(getShieldsIcon({ name: 'dependabot', color: 'blue' })).and.not
+        .be.empty
+    })
+
+    it('overrides multicolored logo with a color', function () {
      expect(
        coalesceBadge(
          { logo: 'npm', logoColor: 'blue' },
          { namedLogo: 'appveyor' },
          {}
        ).logo
-      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.be
-        .empty
+      ).to.equal(getSimpleIcon({ name: 'npm', color: 'blue' })).and.not.be.empty
    })

    it("when the logo is overridden, it ignores the service's logo color, position, and width", function () {
@@ -192,15 +210,25 @@ describe('coalesceBadge', function () {
      ).to.equal(getShieldsIcon({ name: 'npm' })).and.not.be.empty
    })

-    it("overrides the service logo's color", function () {
+    it("overrides the service monochome logo's color", function () {
+      expect(
+        coalesceBadge(
+          { logoColor: 'blue' },
+          { namedLogo: 'dependabot', logoColor: 'red' },
+          {}
+        ).logo
+      ).to.equal(getShieldsIcon({ name: 'dependabot', color: 'blue' })).and.not
+        .be.empty
+    })
+
+    it("overrides the service multicolored logo's color", function () {
      expect(
        coalesceBadge(
          { logoColor: 'blue' },
          { namedLogo: 'npm', logoColor: 'red' },
          {}
        ).logo
-      ).to.equal(getShieldsIcon({ name: 'npm', color: 'blue' })).and.not.be
-        .empty
+      ).to.equal(getSimpleIcon({ name: 'npm', color: 'blue' })).and.not.be.empty
    })

    // https://github.com/badges/shields/issues/2998
--- a/core/base-service/errors.js
+++ b/core/base-service/errors.js
@@ -42,6 +42,7 @@ class ShieldsRuntimeError extends Error {
    if (props.underlyingError) {
      this.stack = props.underlyingError.stack
    }
+    this.cacheSeconds = props.cacheSeconds
  }
 }

@@ -206,6 +207,9 @@ class Deprecated extends ShieldsRuntimeError {
 * @property {string} prettyMessage User-facing error message to override the
 * value of `defaultPrettyMessage()`. This is the text that will appear on the
 * badge when we catch and render the exception (Optional)
+ * @property {number} cacheSeconds Length of time to cache this error response
+ * for. Defaults to the cacheLength of the service class throwing the error
+ * (Optional)
 */

 export {
--- a/core/base-service/examples.js
+++ b/core/base-service/examples.js
@@ -129,6 +129,7 @@ function transformExample(inExample, index, ServiceClass) {
    ServiceClass
  )

+  const category = categories.find(c => c.id === ServiceClass.category)
  return {
    title,
    example: {
@@ -146,9 +147,7 @@ function transformExample(inExample, index, ServiceClass) {
      style: style === 'flat' ? undefined : style,
      namedLogo,
    },
-    keywords: keywords.concat(
-      categories.find(c => c.id === ServiceClass.category).keywords
-    ),
+    keywords: category ? keywords.concat(category.keywords) : keywords,
    documentation: documentation ? { __html: documentation } : undefined,
  }
 }
--- a/core/base-service/got.js
+++ b/core/base-service/got.js
@@ -7,7 +7,7 @@ import {

 const userAgent = getUserAgent()

-async function sendRequest(gotWrapper, url, options) {
+async function sendRequest(gotWrapper, url, options = {}, systemErrors = {}) {
  const gotOptions = Object.assign({}, options)
  gotOptions.throwHttpErrors = false
  gotOptions.retry = { limit: 0 }
@@ -22,6 +22,12 @@ async function sendRequest(gotWrapper, url, options) {
        underlyingError: new Error('Maximum response size exceeded'),
      })
    }
+    if (err.code in systemErrors) {
+      throw new Inaccessible({
+        ...systemErrors[err.code],
+        underlyingError: err,
+      })
+    }
    throw new Inaccessible({ underlyingError: err })
  }
 }
--- a/core/base-service/got.spec.js
+++ b/core/base-service/got.spec.js
@@ -45,6 +45,36 @@ describe('got wrapper', function () {
    )
  })

+  it('should throw a custom error if provided', async function () {
+    const sendRequest = _fetchFactory(1024)
+    return (
+      expect(
+        sendRequest(
+          'https://www.google.com/foo/bar',
+          { timeout: { request: 1 } },
+          {
+            ETIMEDOUT: {
+              prettyMessage: 'Oh no! A terrible thing has happened',
+              cacheSeconds: 10,
+            },
+          }
+        )
+      )
+        .to.be.rejectedWith(
+          Inaccessible,
+          "Inaccessible: Timeout awaiting 'request' for 1ms"
+        )
+        // eslint-disable-next-line promise/prefer-await-to-then
+        .then(error => {
+          expect(error).to.have.property(
+            'prettyMessage',
+            'Oh no! A terrible thing has happened'
+          )
+          expect(error).to.have.property('cacheSeconds', 10)
+        })
+    )
+  })
+
  it('should pass a custom user agent header', async function () {
    nock('https://www.google.com', {
      reqheaders: {
--- a/core/base-service/legacy-request-handler.js
+++ b/core/base-service/legacy-request-handler.js
@@ -65,7 +65,7 @@ function handleRequest(cacheHeaderConfig, handlerOptions) {
    */
    if (match[0] === '/endpoint' && Object.keys(queryParams).length === 0) {
      ask.res.statusCode = 301
-      ask.res.setHeader('Location', '/endpoint/')
+      ask.res.setHeader('Location', '/badges/endpoint-badge')
      ask.res.end()
      return
    }
@@ -73,11 +73,9 @@ function handleRequest(cacheHeaderConfig, handlerOptions) {
    // `defaultCacheLengthSeconds` can be overridden by
    // `serviceDefaultCacheLengthSeconds` (either by category or on a badge-
    // by-badge basis). Then in turn that can be overridden by
-    // `serviceOverrideCacheLengthSeconds` (which we expect to be used only in
-    // the dynamic badge) but only if `serviceOverrideCacheLengthSeconds` is
-    // longer than `serviceDefaultCacheLengthSeconds` and then the `cacheSeconds`
-    // query param can also override both of those but again only if `cacheSeconds`
-    // is longer.
+    // `serviceOverrideCacheLengthSeconds`.
+    // Then the `cacheSeconds` query param can also override both of those
+    // but only if `cacheSeconds` is longer.
    //
    // When the legacy services have been rewritten, all the code in here
    // will go away, which should achieve this goal in a simpler way.
--- a/core/base-service/legacy-request-handler.spec.js
+++ b/core/base-service/legacy-request-handler.spec.js
@@ -148,7 +148,7 @@ describe('The request handler', function () {
        expect(headers['cache-control']).to.equal('max-age=900, s-maxage=900')
      })

-      it('should let live service data override the default cache headers with longer value', async function () {
+      it('should allow serviceData to override the default cache headers with longer value', async function () {
        camp.route(
          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
          handleRequest(
@@ -168,7 +168,7 @@ describe('The request handler', function () {
        expect(headers['cache-control']).to.equal('max-age=400, s-maxage=400')
      })

-      it('should not let live service data override the default cache headers with shorter value', async function () {
+      it('should allow serviceData to override the default cache headers with shorter value', async function () {
        camp.route(
          /^\/testing\/([^/]+)\.(svg|png|gif|jpg|json)$/,
          handleRequest(
@@ -185,7 +185,7 @@ describe('The request handler', function () {
        )

        const { headers } = await got(`${baseUrl}/testing/123.json`)
-        expect(headers['cache-control']).to.equal('max-age=300, s-maxage=300')
+        expect(headers['cache-control']).to.equal('max-age=200, s-maxage=200')
      })

      it('should set the expires header to current time + cacheSeconds', async function () {
--- a/core/base-service/loader-test-fixtures/invalid-mixed.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-mixed.fixture.js
@@ -1,10 +1,10 @@
 import BaseJsonService from '../base-json.js'

 class BadBaseService {}
-class GoodService extends BaseJsonService {
+class GoodMixedService extends BaseJsonService {
  static category = 'build'
  static route = { base: 'it/is', pattern: 'good' }
 }
-class BadService extends BadBaseService {}
+class BadMixedService extends BadBaseService {}

-export default [GoodService, BadService]
+export default [GoodMixedService, BadMixedService]
--- a/core/base-service/loader-test-fixtures/invalid-no-base.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-no-base.fixture.js
@@ -1,3 +1,3 @@
-class BadService {}
+class BadNoBaseService {}

-export default BadService
+export default BadNoBaseService
--- a/core/base-service/loader-test-fixtures/invalid-wrong-base.fixture.js
+++ b/core/base-service/loader-test-fixtures/invalid-wrong-base.fixture.js
@@ -1,4 +1,4 @@
 class BadBaseService {}
-class BadService extends BadBaseService {}
+class BadChildService extends BadBaseService {}

-export default BadService
+export default BadChildService
--- a/core/base-service/loader-test-fixtures/valid-array.fixture.js
+++ b/core/base-service/loader-test-fixtures/valid-array.fixture.js
@@ -1,12 +1,12 @@
 import BaseJsonService from '../base-json.js'

-class GoodServiceOne extends BaseJsonService {
+class GoodServiceArrayOne extends BaseJsonService {
  static category = 'build'
  static route = { base: 'good', pattern: 'one' }
 }
-class GoodServiceTwo extends BaseJsonService {
+class GoodServiceArrayTwo extends BaseJsonService {
  static category = 'build'
  static route = { base: 'good', pattern: 'two' }
 }

-export default [GoodServiceOne, GoodServiceTwo]
+export default [GoodServiceArrayOne, GoodServiceArrayTwo]
--- a/core/base-service/loader-test-fixtures/valid-object.fixture.js
+++ b/core/base-service/loader-test-fixtures/valid-object.fixture.js
@@ -1,12 +1,12 @@
 import BaseJsonService from '../base-json.js'

-class GoodServiceOne extends BaseJsonService {
+class GoodServiceObjectOne extends BaseJsonService {
  static category = 'build'
  static route = { base: 'good', pattern: 'one' }
 }
-class GoodServiceTwo extends BaseJsonService {
+class GoodServiceObjectTwo extends BaseJsonService {
  static category = 'build'
  static route = { base: 'good', pattern: 'two' }
 }

-export { GoodServiceOne, GoodServiceTwo }
+export { GoodServiceObjectOne, GoodServiceObjectTwo }
--- a/core/base-service/loader.js
+++ b/core/base-service/loader.js
@@ -1,6 +1,6 @@
 import path from 'path'
 import { fileURLToPath } from 'url'
-import glob from 'glob'
+import { globSync } from 'glob'
 import countBy from 'lodash.countby'
 import categories from '../../services/categories.js'
 import BaseService from './base.js'
@@ -27,11 +27,25 @@ class InvalidService extends Error {
  }
 }

+function getServicePaths(pattern) {
+  return globSync(toUnixPath(path.join(serviceDir, '**', pattern))).sort()
+}
+
+function assertNamesUnique(names, { message }) {
+  const duplicates = {}
+  Object.entries(countBy(names))
+    .filter(([name, count]) => count > 1)
+    .forEach(([name, count]) => {
+      duplicates[name] = count
+    })
+  if (Object.keys(duplicates).length) {
+    throw new Error(`${message}: ${JSON.stringify(duplicates, undefined, 2)}`)
+  }
+}
+
 async function loadServiceClasses(servicePaths) {
  if (!servicePaths) {
-    servicePaths = glob.sync(
-      toUnixPath(path.join(serviceDir, '**', '*.service.js'))
-    )
+    servicePaths = getServicePaths('*.service.js')
  }

  const serviceClasses = []
@@ -51,8 +65,8 @@ async function loadServiceClasses(servicePaths) {
      if (serviceClass && serviceClass.prototype instanceof BaseService) {
        // Decorate each service class with the directory that contains it.
        serviceClass.serviceFamily = servicePath
-          .replace(toUnixPath(serviceDir), '')
-          .split('/')[1]
+          .replace(serviceDir, '')
+          .split(path.sep)[1]
        serviceClass.validateDefinition()
        return serviceClasses.push(serviceClass)
      }
@@ -62,29 +76,14 @@ async function loadServiceClasses(servicePaths) {
    })
  }

-  return serviceClasses
-}
-
-function assertNamesUnique(names, { message }) {
-  const duplicates = {}
-  Object.entries(countBy(names))
-    .filter(([name, count]) => count > 1)
-    .forEach(([name, count]) => {
-      duplicates[name] = count
-    })
-  if (Object.keys(duplicates).length) {
-    throw new Error(`${message}: ${JSON.stringify(duplicates, undefined, 2)}`)
-  }
-}
-
-async function checkNames() {
-  const services = await loadServiceClasses()
  assertNamesUnique(
-    services.map(({ name }) => name),
+    serviceClasses.map(({ name }) => name),
    {
      message: 'Duplicate service names found',
    }
  )
+
+  return serviceClasses
 }

 async function collectDefinitions() {
@@ -102,16 +101,16 @@ async function collectDefinitions() {

 async function loadTesters() {
  return Promise.all(
-    glob
-      .sync(path.join(serviceDir, '**', '*.tester.js'))
-      .map(async path => await import(`file://${path}`))
+    getServicePaths('*.tester.js').map(
+      async path => await import(`file://${path}`)
+    )
  )
 }

 export {
  InvalidService,
  loadServiceClasses,
-  checkNames,
+  getServicePaths,
  collectDefinitions,
  loadTesters,
 }
--- a/core/base-service/loader.spec.js
+++ b/core/base-service/loader.spec.js
@@ -2,7 +2,11 @@ import path from 'path'
 import { fileURLToPath } from 'url'
 import chai from 'chai'
 import chaiAsPromised from 'chai-as-promised'
-import { loadServiceClasses, InvalidService } from './loader.js'
+import {
+  loadServiceClasses,
+  getServicePaths,
+  InvalidService,
+} from './loader.js'
 chai.use(chaiAsPromised)

 const { expect } = chai
@@ -65,3 +69,15 @@ describe('loadServiceClasses function', function () {
    ).to.eventually.have.length(5)
  })
 })
+
+describe('getServicePaths', function () {
+  // these tests just make sure we discover a
+  // plausibly large number of .service and .tester files
+  it('finds a non-zero number of services in the project', function () {
+    expect(getServicePaths('*.service.js')).to.have.length.above(400)
+  })
+
+  it('finds a non-zero number of testers in the project', function () {
+    expect(getServicePaths('*.tester.js')).to.have.length.above(400)
+  })
+})
--- a/core/base-service/openapi.js
+++ b/core/base-service/openapi.js
@@ -0,0 +1,335 @@
+const baseUrl = process.env.BASE_URL
+const globalParamRefs = [
+  { $ref: '#/components/parameters/style' },
+  { $ref: '#/components/parameters/logo' },
+  { $ref: '#/components/parameters/logoColor' },
+  { $ref: '#/components/parameters/label' },
+  { $ref: '#/components/parameters/labelColor' },
+  { $ref: '#/components/parameters/color' },
+  { $ref: '#/components/parameters/cacheSeconds' },
+  { $ref: '#/components/parameters/link' },
+]
+
+function getCodeSamples(altText) {
+  return [
+    {
+      lang: 'URL',
+      label: 'URL',
+      source: '$url',
+    },
+    {
+      lang: 'Markdown',
+      label: 'Markdown',
+      source: `![${altText}]($url)`,
+    },
+    {
+      lang: 'reStructuredText',
+      label: 'rSt',
+      source: `.. image:: $url\n:   alt: ${altText}`,
+    },
+    {
+      lang: 'AsciiDoc',
+      label: 'AsciiDoc',
+      source: `image:$url[${altText}]`,
+    },
+    {
+      lang: 'HTML',
+      label: 'HTML',
+      source: `<img alt="${altText}" src="$url">`,
+    },
+  ]
+}
+
+function pattern2openapi(pattern) {
+  return pattern
+    .replace(/:([A-Za-z0-9_\-.]+)(?=[/]?)/g, (matches, grp1) => `{${grp1}}`)
+    .replace(/\([^)]*\)/g, '')
+    .replace(/\+$/, '')
+}
+
+function getEnum(pattern, paramName) {
+  const re = new RegExp(`${paramName}\\(([A-Za-z0-9_\\-|]+)\\)`)
+  const match = pattern.match(re)
+  if (match === null) {
+    return undefined
+  }
+  if (!match[1].includes('|')) {
+    return undefined
+  }
+  return match[1].split('|')
+}
+
+function param2openapi(pattern, paramName, exampleValue, paramType) {
+  const outParam = {}
+  outParam.name = paramName
+  // We don't have description if we are building the OpenAPI spec from examples[]
+  outParam.in = paramType
+  if (paramType === 'path') {
+    outParam.required = true
+  } else {
+    /* Occasionally we do have required query params, but we can't
+    detect this if we are building the OpenAPI spec from examples[]
+    so just assume all query params are optional */
+    outParam.required = false
+  }
+
+  if (exampleValue === null && paramType === 'query') {
+    outParam.schema = { type: 'boolean' }
+    outParam.allowEmptyValue = true
+  } else {
+    outParam.schema = { type: 'string' }
+  }
+
+  if (paramType === 'path') {
+    outParam.schema.enum = getEnum(pattern, paramName)
+  }
+
+  outParam.example = exampleValue
+  return outParam
+}
+
+function getVariants(pattern) {
+  /*
+  given a URL pattern (which may include '/one/or/:more?/:optional/:parameters*')
+  return an array of all possible permutations:
+  [
+    '/one/or/:more/:optional/:parameters',
+    '/one/or/:optional/:parameters',
+    '/one/or/:more/:optional',
+    '/one/or/:optional',
+  ]
+  */
+  const patterns = [pattern.split('/')]
+  while (patterns.flat().find(p => p.endsWith('?') || p.endsWith('*'))) {
+    for (let i = 0; i < patterns.length; i++) {
+      const pattern = patterns[i]
+      for (let j = 0; j < pattern.length; j++) {
+        const path = pattern[j]
+        if (path.endsWith('?') || path.endsWith('*')) {
+          pattern[j] = path.slice(0, -1)
+          patterns.push(patterns[i].filter(p => p !== pattern[j]))
+        }
+      }
+    }
+  }
+  for (let i = 0; i < patterns.length; i++) {
+    patterns[i] = patterns[i].join('/')
+  }
+  return patterns
+}
+
+function examples2openapi(examples) {
+  const paths = {}
+  for (const example of examples) {
+    const patterns = getVariants(example.example.pattern)
+
+    for (const pattern of patterns) {
+      const openApiPattern = pattern2openapi(pattern)
+      if (
+        openApiPattern.includes('*') ||
+        openApiPattern.includes('?') ||
+        openApiPattern.includes('+') ||
+        openApiPattern.includes('(')
+      ) {
+        throw new Error(`unexpected characters in pattern '${openApiPattern}'`)
+      }
+
+      /*
+      There's several things going on in this block:
+      1. Filter out any examples for params that don't appear
+         in this variant of the route
+      2. Make sure we add params to the array
+         in the same order they appear in the route
+      3. If there are any params we don't have an example value for,
+         make sure they still appear in the pathParams array with
+         exampleValue == undefined anyway
+      */
+      const pathParams = []
+      for (const param of openApiPattern
+        .split('/')
+        .filter(p => p.startsWith('{') && p.endsWith('}'))) {
+        const paramName = param.slice(1, -1)
+        const exampleValue = example.example.namedParams[paramName]
+        pathParams.push(param2openapi(pattern, paramName, exampleValue, 'path'))
+      }
+
+      const queryParams = example.example.queryParams || {}
+
+      const parameters = [
+        ...pathParams,
+        ...Object.entries(queryParams).map(([paramName, exampleValue]) =>
+          param2openapi(pattern, paramName, exampleValue, 'query')
+        ),
+        ...globalParamRefs,
+      ]
+      paths[openApiPattern] = {
+        get: {
+          summary: example.title,
+          description: example?.documentation?.__html
+            .replace(/<br>/g, '<br />') // react does not like <br>
+            .replace(/{/g, '&#123;')
+            .replace(/}/g, '&#125;')
+            .replace(/<style>(.|\n)*?<\/style>/, ''), // workaround for w3c-validation TODO: remove later
+          parameters,
+          'x-code-samples': getCodeSamples(example.title),
+        },
+      }
+    }
+  }
+  return paths
+}
+
+function addGlobalProperties(endpoints) {
+  const paths = {}
+  for (const key of Object.keys(endpoints)) {
+    paths[key] = endpoints[key]
+    paths[key].get.parameters = [
+      ...paths[key].get.parameters,
+      ...globalParamRefs,
+    ]
+    paths[key].get['x-code-samples'] = getCodeSamples(paths[key].get.summary)
+  }
+  return paths
+}
+
+function services2openapi(services) {
+  const paths = {}
+  for (const service of services) {
+    if (service.openApi) {
+      // if the service declares its own OpenAPI definition, use that...
+      for (const [key, value] of Object.entries(
+        addGlobalProperties(service.openApi)
+      )) {
+        if (key in paths) {
+          throw new Error(`Conflicting route: ${key}`)
+        }
+        paths[key] = value
+      }
+    } else {
+      // ...otherwise do our best to build one from examples[]
+      for (const [key, value] of Object.entries(
+        examples2openapi(service.examples)
+      )) {
+        // allow conflicting routes for legacy examples
+        paths[key] = value
+      }
+    }
+  }
+  return paths
+}
+
+function category2openapi(category, services) {
+  const spec = {
+    openapi: '3.0.0',
+    info: {
+      version: '1.0.0',
+      title: category.name,
+      license: {
+        name: 'CC0',
+      },
+    },
+    servers: baseUrl ? [{ url: baseUrl }] : undefined,
+    components: {
+      parameters: {
+        style: {
+          name: 'style',
+          in: 'query',
+          required: false,
+          description:
+            'One of: flat (default), flat-square, plastic, for-the-badge, social',
+          schema: {
+            type: 'string',
+          },
+          example: 'flat',
+        },
+        logo: {
+          name: 'logo',
+          in: 'query',
+          required: false,
+          description:
+            'One of the named logos (bitcoin, dependabot, gitlab, npm, paypal, serverfault, stackexchange, superuser, telegram, travis) or simple-icons. All simple-icons are referenced using icon slugs. You can click the icon title on <a href="https://simpleicons.org/" rel="noopener noreferrer" target="_blank">simple-icons</a> to copy the slug or they can be found in the <a href="https://github.com/simple-icons/simple-icons/blob/master/slugs.md">slugs.md file</a> in the simple-icons repository.',
+          schema: {
+            type: 'string',
+          },
+          example: 'appveyor',
+        },
+        logoColor: {
+          name: 'logoColor',
+          in: 'query',
+          required: false,
+          description:
+            'The color of the logo (hex, rgb, rgba, hsl, hsla and css named colors supported). Supported for named logos and Shields logos but not for custom logos. For multicolor Shields logos, the corresponding named logo will be used and colored.',
+          schema: {
+            type: 'string',
+          },
+          example: 'violet',
+        },
+        label: {
+          name: 'label',
+          in: 'query',
+          required: false,
+          description:
+            'Override the default left-hand-side text (<a href="https://developer.mozilla.org/en-US/docs/Glossary/percent-encoding">URL-Encoding</a> needed for spaces or special characters!)',
+          schema: {
+            type: 'string',
+          },
+          example: 'healthiness',
+        },
+        labelColor: {
+          name: 'labelColor',
+          in: 'query',
+          required: false,
+          description:
+            'Background color of the left part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+          schema: {
+            type: 'string',
+          },
+          example: 'abcdef',
+        },
+        color: {
+          name: 'color',
+          in: 'query',
+          required: false,
+          description:
+            'Background color of the right part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+          schema: {
+            type: 'string',
+          },
+          example: 'fedcba',
+        },
+        cacheSeconds: {
+          name: 'cacheSeconds',
+          in: 'query',
+          required: false,
+          description:
+            'HTTP cache lifetime (rules are applied to infer a default value on a per-badge basis, any values specified below the default will be ignored).',
+          schema: {
+            type: 'string',
+          },
+          example: '3600',
+        },
+        link: {
+          name: 'link',
+          in: 'query',
+          required: false,
+          description:
+            'Specify what clicking on the left/right of a badge should do. Note that this only works when integrating your badge in an `<object>` HTML tag, but not an `<img>` tag or a markup language.',
+          style: 'form',
+          explode: true,
+          schema: {
+            type: 'array',
+            maxItems: 2,
+            items: {
+              type: 'string',
+            },
+          },
+        },
+      },
+    },
+    paths: services2openapi(services),
+  }
+
+  return spec
+}
+
+export { category2openapi }
--- a/core/base-service/openapi.spec.js
+++ b/core/base-service/openapi.spec.js
@@ -0,0 +1,378 @@
+import chai from 'chai'
+import { category2openapi } from './openapi.js'
+import BaseJsonService from './base-json.js'
+const { expect } = chai
+
+class OpenApiService extends BaseJsonService {
+  static category = 'build'
+  static route = { base: 'openapi/service', pattern: ':packageName/:distTag*' }
+
+  // this service defines its own API Paths Object
+  static openApi = {
+    '/openapi/service/{packageName}': {
+      get: {
+        summary: 'OpenApiService Summary',
+        description: 'OpenApiService Description',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+        ],
+      },
+    },
+    '/openapi/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'OpenApiService Summary (with Tag)',
+        description: 'OpenApiService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            description: 'distTag description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+        ],
+      },
+    },
+  }
+}
+
+class LegacyService extends BaseJsonService {
+  static category = 'build'
+  static route = { base: 'legacy/service', pattern: ':packageName/:distTag*' }
+
+  // this service defines an Examples Array
+  static examples = [
+    {
+      title: 'LegacyService Title',
+      namedParams: { packageName: 'badge-maker' },
+      staticPreview: { label: 'build', message: 'passing' },
+      documentation: 'LegacyService Description',
+    },
+    {
+      title: 'LegacyService Title (with Tag)',
+      namedParams: { packageName: 'badge-maker', distTag: 'latest' },
+      staticPreview: { label: 'build', message: 'passing' },
+      documentation: 'LegacyService Description (with Tag)',
+    },
+  ]
+}
+
+const expected = {
+  openapi: '3.0.0',
+  info: { version: '1.0.0', title: 'build', license: { name: 'CC0' } },
+  components: {
+    parameters: {
+      style: {
+        name: 'style',
+        in: 'query',
+        required: false,
+        description:
+          'One of: flat (default), flat-square, plastic, for-the-badge, social',
+        schema: { type: 'string' },
+        example: 'flat',
+      },
+      logo: {
+        name: 'logo',
+        in: 'query',
+        required: false,
+        description:
+          'One of the named logos (bitcoin, dependabot, gitlab, npm, paypal, serverfault, stackexchange, superuser, telegram, travis) or simple-icons. All simple-icons are referenced using icon slugs. You can click the icon title on <a href="https://simpleicons.org/" rel="noopener noreferrer" target="_blank">simple-icons</a> to copy the slug or they can be found in the <a href="https://github.com/simple-icons/simple-icons/blob/master/slugs.md">slugs.md file</a> in the simple-icons repository.',
+        schema: { type: 'string' },
+        example: 'appveyor',
+      },
+      logoColor: {
+        name: 'logoColor',
+        in: 'query',
+        required: false,
+        description:
+          'The color of the logo (hex, rgb, rgba, hsl, hsla and css named colors supported). Supported for named logos and Shields logos but not for custom logos. For multicolor Shields logos, the corresponding named logo will be used and colored.',
+        schema: { type: 'string' },
+        example: 'violet',
+      },
+      label: {
+        name: 'label',
+        in: 'query',
+        required: false,
+        description:
+          'Override the default left-hand-side text (<a href="https://developer.mozilla.org/en-US/docs/Glossary/percent-encoding">URL-Encoding</a> needed for spaces or special characters!)',
+        schema: { type: 'string' },
+        example: 'healthiness',
+      },
+      labelColor: {
+        name: 'labelColor',
+        in: 'query',
+        required: false,
+        description:
+          'Background color of the left part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+        schema: { type: 'string' },
+        example: 'abcdef',
+      },
+      color: {
+        name: 'color',
+        in: 'query',
+        required: false,
+        description:
+          'Background color of the right part (hex, rgb, rgba, hsl, hsla and css named colors supported).',
+        schema: { type: 'string' },
+        example: 'fedcba',
+      },
+      cacheSeconds: {
+        name: 'cacheSeconds',
+        in: 'query',
+        required: false,
+        description:
+          'HTTP cache lifetime (rules are applied to infer a default value on a per-badge basis, any values specified below the default will be ignored).',
+        schema: { type: 'string' },
+        example: '3600',
+      },
+      link: {
+        name: 'link',
+        in: 'query',
+        required: false,
+        description:
+          'Specify what clicking on the left/right of a badge should do. Note that this only works when integrating your badge in an `<object>` HTML tag, but not an `<img>` tag or a markup language.',
+        style: 'form',
+        explode: true,
+        schema: { type: 'array', maxItems: 2, items: { type: 'string' } },
+      },
+    },
+  },
+  paths: {
+    '/openapi/service/{packageName}': {
+      get: {
+        summary: 'OpenApiService Summary',
+        description: 'OpenApiService Description',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![OpenApiService Summary]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: OpenApiService Summary',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[OpenApiService Summary]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="OpenApiService Summary" src="$url">',
+          },
+        ],
+      },
+    },
+    '/openapi/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'OpenApiService Summary (with Tag)',
+        description: 'OpenApiService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            description: 'packageName description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            description: 'distTag description',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![OpenApiService Summary (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source:
+              '.. image:: $url\n:   alt: OpenApiService Summary (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[OpenApiService Summary (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="OpenApiService Summary (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+    '/legacy/service/{packageName}/{distTag}': {
+      get: {
+        summary: 'LegacyService Title (with Tag)',
+        description: 'LegacyService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          {
+            name: 'distTag',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'latest',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![LegacyService Title (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: LegacyService Title (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[LegacyService Title (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="LegacyService Title (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+    '/legacy/service/{packageName}': {
+      get: {
+        summary: 'LegacyService Title (with Tag)',
+        description: 'LegacyService Description (with Tag)',
+        parameters: [
+          {
+            name: 'packageName',
+            in: 'path',
+            required: true,
+            schema: { type: 'string' },
+            example: 'badge-maker',
+          },
+          { $ref: '#/components/parameters/style' },
+          { $ref: '#/components/parameters/logo' },
+          { $ref: '#/components/parameters/logoColor' },
+          { $ref: '#/components/parameters/label' },
+          { $ref: '#/components/parameters/labelColor' },
+          { $ref: '#/components/parameters/color' },
+          { $ref: '#/components/parameters/cacheSeconds' },
+          { $ref: '#/components/parameters/link' },
+        ],
+        'x-code-samples': [
+          { lang: 'URL', label: 'URL', source: '$url' },
+          {
+            lang: 'Markdown',
+            label: 'Markdown',
+            source: '![LegacyService Title (with Tag)]($url)',
+          },
+          {
+            lang: 'reStructuredText',
+            label: 'rSt',
+            source: '.. image:: $url\n:   alt: LegacyService Title (with Tag)',
+          },
+          {
+            lang: 'AsciiDoc',
+            label: 'AsciiDoc',
+            source: 'image:$url[LegacyService Title (with Tag)]',
+          },
+          {
+            lang: 'HTML',
+            label: 'HTML',
+            source: '<img alt="LegacyService Title (with Tag)" src="$url">',
+          },
+        ],
+      },
+    },
+  },
+}
+
+function clean(obj) {
+  // remove any undefined values in the object
+  return JSON.parse(JSON.stringify(obj))
+}
+
+describe('category2openapi', function () {
+  it('generates an Open API spec', function () {
+    expect(
+      clean(
+        category2openapi({ name: 'build' }, [
+          OpenApiService.getDefinition(),
+          LegacyService.getDefinition(),
+        ])
+      )
+    ).to.deep.equal(expected)
+  })
+})
--- a/core/base-service/resource-cache.js
+++ b/core/base-service/resource-cache.js
@@ -14,14 +14,16 @@ let resourceCache = Object.create(null)
 /**
 * Make a HTTP request using an in-memory cache
 *
- * @param {object} attrs Refer to individual attrs
- * @param {string} attrs.url URL to request
- * @param {number} attrs.ttl Number of milliseconds to keep cached value for
- * @param {boolean} [attrs.json=true] True if we expect to parse the response as JSON
- * @param {Function} [attrs.scraper=buffer => buffer] Function to extract value from the response
- * @param {object} [attrs.options={}] Options to pass to got
- * @param {Function} [attrs.requestFetcher=fetch] Custom fetch function
- * @returns {*} Parsed response
+ * @async
+ * @param {object} attrs - Refer to individual attrs
+ * @param {string} attrs.url - URL to request
+ * @param {number} attrs.ttl - Number of milliseconds to keep cached value for
+ * @param {boolean} [attrs.json=true] - True if we expect to parse the response as JSON
+ * @param {Function} [attrs.scraper=buffer => buffer] - Function to extract value from the response
+ * @param {object} [attrs.options={}] - Options to pass to got
+ * @param {Function} [attrs.requestFetcher=fetch] - Custom fetch function
+ * @throws {InvalidResponse} - Error if unable to parse response
+ * @returns {Promise<*>} Promise that resolves to parsed response
 */
 async function getCachedResource({
  url,
--- a/core/base-service/service-definitions.js
+++ b/core/base-service/service-definitions.js
@@ -1,8 +1,5 @@
 import Joi from 'joi'

-// This should be kept in sync with the schema in
-// `frontend/lib/service-definitions/index.ts`.
-
 const arrayOfStrings = Joi.array().items(Joi.string()).min(0).required()

 const objectOfKeyValues = Joi.object()
@@ -46,6 +43,28 @@ const serviceDefinition = Joi.object({
      })
    )
    .default([]),
+  openApi: Joi.object().pattern(
+    /./,
+    Joi.object({
+      get: Joi.object({
+        summary: Joi.string().required(),
+        description: Joi.string().required(),
+        parameters: Joi.array()
+          .items(
+            Joi.object({
+              name: Joi.string().required(),
+              description: Joi.string(),
+              in: Joi.string().valid('query', 'path').required(),
+              required: Joi.boolean().required(),
+              schema: Joi.object({ type: Joi.string().required() }).required(),
+              example: Joi.string(),
+            })
+          )
+          .min(1)
+          .required(),
+      }).required(),
+    }).required()
+  ),
 }).required()

 function assertValidServiceDefinition(example, message = undefined) {
@@ -70,9 +89,4 @@ function assertValidServiceDefinitionExport(examples, message = undefined) {
  Joi.assert(examples, serviceDefinitionExport, message)
 }

-export {
-  serviceDefinition,
-  assertValidServiceDefinition,
-  serviceDefinitionExport,
-  assertValidServiceDefinitionExport,
-}
+export { assertValidServiceDefinition, assertValidServiceDefinitionExport }
--- a/core/server/server.js
+++ b/core/server/server.js
@@ -11,7 +11,6 @@ import originalJoi from 'joi'
 import makeBadge from '../../badge-maker/lib/make-badge.js'
 import GithubConstellation from '../../services/github/github-constellation.js'
 import LibrariesIoConstellation from '../../services/librariesio/librariesio-constellation.js'
-import { setRoutes } from '../../services/suggest.js'
 import { loadServiceClasses } from '../base-service/loader.js'
 import { makeSend } from '../base-service/legacy-result-sender.js'
 import { handleRequest } from '../base-service/legacy-request-handler.js'
@@ -113,6 +112,9 @@ const publicConfigSchema = Joi.object({
  redirectUrl: optionalUrl,
  rasterUrl: optionalUrl,
  cors: {
+    // This doesn't actually do anything
+    // TODO: maybe remove in future?
+    // https://github.com/badges/shields/pull/8311#discussion_r945337530
    allowedOrigin: Joi.array().items(optionalUrl).required(),
  },
  services: Joi.object({
@@ -124,6 +126,7 @@ const publicConfigSchema = Joi.object({
        enabled: Joi.boolean().required(),
        intervalSeconds: Joi.number().integer().min(1).required(),
      },
+      restApiVersion: Joi.date().raw().required(),
    },
    gitlab: defaultService,
    jira: defaultService,
@@ -169,6 +172,8 @@ const privateConfigSchema = Joi.object({
  jenkins_pass: Joi.string(),
  jira_user: Joi.string(),
  jira_pass: Joi.string(),
+  bitbucket_username: Joi.string(),
+  bitbucket_password: Joi.string(),
  bitbucket_server_username: Joi.string(),
  bitbucket_server_password: Joi.string(),
  librariesio_tokens: Joi.arrayFromString().items(Joi.string()),
@@ -178,10 +183,12 @@ const privateConfigSchema = Joi.object({
  obs_user: Joi.string(),
  obs_pass: Joi.string(),
  redis_url: Joi.string().uri({ scheme: ['redis', 'rediss'] }),
+  postgres_url: Joi.string().uri({ scheme: 'postgresql' }),
  sentry_dsn: Joi.string(),
  sl_insight_userUuid: Joi.string(),
  sl_insight_apiToken: Joi.string(),
  sonarqube_token: Joi.string(),
+  stackapps_api_key: Joi.string(),
  teamcity_user: Joi.string(),
  teamcity_pass: Joi.string(),
  twitch_client_id: Joi.string(),
@@ -355,7 +362,7 @@ class Server {
    })

    if (!rasterUrl) {
-      camp.route(/\.png$/, (query, match, end, request) => {
+      camp.route(/^\/((?!img\/)).*\.png$/, (query, match, end, request) => {
        makeSend(
          'svg',
          request.res,
@@ -405,7 +412,7 @@ class Server {

    if (rasterUrl) {
      // Redirect to the raster server for raster versions of modern badges.
-      camp.route(/\.png$/, (queryParams, match, end, ask) => {
+      camp.route(/^\/((?!img\/)).*\.png$/, (queryParams, match, end, ask) => {
        ask.res.statusCode = 301
        ask.res.setHeader(
          'Location',
@@ -486,7 +493,6 @@ class Server {
    const {
      bind: { port, address: hostname },
      ssl: { isSecure: secure, cert, key },
-      cors: { allowedOrigin },
      requireCloudflare,
    } = this.config.public

@@ -519,9 +525,6 @@ class Server {
      }
    }

-    const { apiProvider: githubApiProvider } = this.githubConstellation
-    setRoutes(allowedOrigin, githubApiProvider, camp)
-
    // https://github.com/badges/shields/issues/3273
    camp.handle((req, res, next) => {
      res.setHeader('Access-Control-Allow-Origin', '*')
--- a/core/server/server.spec.js
+++ b/core/server/server.spec.js
@@ -60,12 +60,14 @@ describe('The server', function () {
    })

    it('should serve badges with custom maxAge', async function () {
-      const { headers } = await got(`${baseUrl}npm/l/express`)
-      expect(headers['cache-control']).to.equal('max-age=3600, s-maxage=3600')
+      const { headers } = await got(`${baseUrl}badge/foo-bar-blue`)
+      expect(headers['cache-control']).to.equal('max-age=86400, s-maxage=86400')
    })

    it('should return cors header for the request', async function () {
-      const { statusCode, headers } = await got(`${baseUrl}npm/v/express.svg`)
+      const { statusCode, headers } = await got(
+        `${baseUrl}badge/foo-bar-blue.svg`
+      )
      expect(statusCode).to.equal(200)
      expect(headers['access-control-allow-origin']).to.equal('*')
    })
@@ -84,15 +86,23 @@ describe('The server', function () {
    })

    it('should redirect modern PNG badges as configured', async function () {
-      const { statusCode, headers } = await got(`${baseUrl}npm/v/express.png`, {
-        followRedirect: false,
-      })
+      const { statusCode, headers } = await got(
+        `${baseUrl}badge/foo-bar-blue.png`,
+        {
+          followRedirect: false,
+        }
+      )
      expect(statusCode).to.equal(301)
      expect(headers.location).to.equal(
-        'http://raster.example.test/npm/v/express.png'
+        'http://raster.example.test/badge/foo-bar-blue.png'
      )
    })

+    it('should not redirect for PNG requests in /img', async function () {
+      const { statusCode } = await got(`${baseUrl}img/frontend-image.png`)
+      expect(statusCode).to.equal(200)
+    })
+
    it('should produce SVG badges with expected headers', async function () {
      const { statusCode, headers } = await got(
        `${baseUrl}:fruit-apple-green.svg`
@@ -197,9 +207,12 @@ describe('The server', function () {
    })

    it('should return the 410 badge for obsolete formats', async function () {
-      const { statusCode, body } = await got(`${baseUrl}npm/v/express.jpg`, {
-        throwHttpErrors: false,
-      })
+      const { statusCode, body } = await got(
+        `${baseUrl}badge/foo-bar-blue.jpg`,
+        {
+          throwHttpErrors: false,
+        }
+      )
      // TODO It would be nice if this were 404 or 410.
      expect(statusCode).to.equal(200)
      expect(body)
@@ -207,12 +220,6 @@ describe('The server', function () {
        .and.to.include('410')
        .and.to.include('jpg no longer available')
    })
-
-    it('should return cors header for the request', async function () {
-      const { statusCode, headers } = await got(`${baseUrl}npm/v/express.svg`)
-      expect(statusCode).to.equal(200)
-      expect(headers['access-control-allow-origin']).to.equal('*')
-    })
  })

  context('`requireCloudflare` is enabled', function () {
--- a/core/server/test-public/img/frontend-image.png
+++ b/core/server/test-public/img/frontend-image.png
--- a/core/service-test-runner/infer-pull-request.js
+++ b/core/service-test-runner/infer-pull-request.js
@@ -1,102 +0,0 @@
-/**
- * @module
- */
-
-import { URL, format as urlFormat } from 'url'
-
-function formatSlug(owner, repo, pullRequest) {
-  return `${owner}/${repo}#${pullRequest}`
-}
-
-function parseGithubPullRequestUrl(url, options = {}) {
-  const { verifyBaseUrl } = options
-
-  const parsed = new URL(url)
-  const components = parsed.pathname.substr(1).split('/')
-  if (components[2] !== 'pull' || components.length !== 4) {
-    throw Error(`Invalid GitHub pull request URL: ${url}`)
-  }
-  const [owner, repo, , pullRequest] = components
-
-  parsed.pathname = ''
-  const baseUrl = urlFormat(parsed, {
-    auth: false,
-    fragment: false,
-    search: false,
-  }).replace(/\/$/, '')
-
-  if (verifyBaseUrl && baseUrl !== verifyBaseUrl) {
-    throw Error(`Expected base URL to be ${verifyBaseUrl} but got ${baseUrl}`)
-  }
-
-  return {
-    baseUrl,
-    owner,
-    repo,
-    pullRequest: +pullRequest,
-    slug: formatSlug(owner, repo, pullRequest),
-  }
-}
-
-function parseGithubRepoSlug(slug) {
-  const components = slug.split('/')
-  if (components.length !== 2) {
-    throw Error(`Invalid GitHub repo slug: ${slug}`)
-  }
-  const [owner, repo] = components
-  return { owner, repo }
-}
-
-function _inferPullRequestFromTravisEnv(env) {
-  const { owner, repo } = parseGithubRepoSlug(env.TRAVIS_REPO_SLUG)
-  const pullRequest = +env.TRAVIS_PULL_REQUEST
-  return {
-    owner,
-    repo,
-    pullRequest,
-    slug: formatSlug(owner, repo, pullRequest),
-  }
-}
-
-function _inferPullRequestFromCircleEnv(env) {
-  return parseGithubPullRequestUrl(
-    env.CI_PULL_REQUEST || env.CIRCLE_PULL_REQUEST
-  )
-}
-
-/**
- * When called inside a CI build, infer the details
- * of a pull request from the environment variables.
- *
- * @param {object} [env=process.env] Environment variables
- * @returns {module:core/service-test-runner/infer-pull-request~PullRequest}
- *    Pull Request
- */
-function inferPullRequest(env = process.env) {
-  if (env.TRAVIS) {
-    return _inferPullRequestFromTravisEnv(env)
-  } else if (env.CIRCLECI) {
-    return _inferPullRequestFromCircleEnv(env)
-  } else if (env.CI) {
-    throw Error(
-      'Unsupported CI system. Unable to obtain pull request information from the environment.'
-    )
-  } else {
-    throw Error(
-      'Unable to obtain pull request information from the environment. Is this running in CI?'
-    )
-  }
-}
-
-/**
- * Pull Request
- *
- * @typedef PullRequest
- * @property {string} pr.baseUrl (returned for travis CI only)
- * @property {string} owner
- * @property {string} repo
- * @property {string} pullRequest PR/issue number
- * @property {string} slug owner/repo/#pullRequest
- */
-
-export { parseGithubPullRequestUrl, parseGithubRepoSlug, inferPullRequest }
--- a/core/service-test-runner/infer-pull-request.spec.js
+++ b/core/service-test-runner/infer-pull-request.spec.js
@@ -1,48 +0,0 @@
-import { test, given, forCases } from 'sazerac'
-import {
-  parseGithubPullRequestUrl,
-  inferPullRequest,
-} from './infer-pull-request.js'
-
-describe('Pull request inference', function () {
-  test(parseGithubPullRequestUrl, () => {
-    forCases([
-      given('https://github.com/badges/shields/pull/1234'),
-      given('https://github.com/badges/shields/pull/1234', {
-        verifyBaseUrl: 'https://github.com',
-      }),
-    ]).expect({
-      baseUrl: 'https://github.com',
-      owner: 'badges',
-      repo: 'shields',
-      pullRequest: 1234,
-      slug: 'badges/shields#1234',
-    })
-
-    given('https://github.com/badges/shields/pull/1234', {
-      verifyBaseUrl: 'https://example.com',
-    }).expectError(
-      'Expected base URL to be https://example.com but got https://github.com'
-    )
-  })
-
-  test(inferPullRequest, () => {
-    const expected = {
-      owner: 'badges',
-      repo: 'shields',
-      pullRequest: 1234,
-      slug: 'badges/shields#1234',
-    }
-
-    given({
-      CIRCLECI: '1',
-      CI_PULL_REQUEST: 'https://github.com/badges/shields/pull/1234',
-    }).expect(Object.assign({ baseUrl: 'https://github.com' }, expected))
-
-    given({
-      TRAVIS: '1',
-      TRAVIS_REPO_SLUG: 'badges/shields',
-      TRAVIS_PULL_REQUEST: '1234',
-    }).expect(expected)
-  })
-})
--- a/core/service-test-runner/pull-request-services-cli.js
+++ b/core/service-test-runner/pull-request-services-cli.js
@@ -1,5 +1,5 @@
-// Infer the current PR from the Travis environment, and look for bracketed,
-// space-separated service names in the pull request title.
+// Derive a list of service tests to run based on
+// space-separated service names in the PR title.
 //
 // Output the list of services.
 //
@@ -8,54 +8,26 @@
 // Output:
 // travis
 // sonar
-//
-// Example:
-//
-// TRAVIS=1 TRAVIS_REPO_SLUG=badges/shields TRAVIS_PULL_REQUEST=1108 npm run test:services:pr:prepare

-import got from 'got'
-import { inferPullRequest } from './infer-pull-request.js'
 import servicesForTitle from './services-for-title.js'

-async function getTitle(owner, repo, pullRequest) {
-  const {
-    body: { title },
-  } = await got(
-    `https://api.github.com/repos/${owner}/${repo}/pulls/${pullRequest}`,
-    {
-      headers: {
-        'User-Agent': 'badges/shields',
-        Authorization: `token ${process.env.GITHUB_TOKEN}`,
-      },
-      responseType: 'json',
-    }
-  )
-  return title
+let title
+
+try {
+  if (process.argv.length < 3) {
+    throw new Error()
+  }
+  title = process.argv[2]
+} catch (e) {
+  console.error('Error processing arguments')
+  process.exit(1)
 }

-async function main() {
-  const { owner, repo, pullRequest, slug } = inferPullRequest()
-  console.error(`PR: ${slug}`)
-
-  const title = await getTitle(owner, repo, pullRequest)
-
-  console.error(`Title: ${title}\n`)
-  const services = servicesForTitle(title)
-  if (services.length === 0) {
-    console.error('No services found. Nothing to do.')
-  } else {
-    console.error(
-      `Services: (${services.length} found) ${services.join(', ')}\n`
-    )
-    console.log(services.join('\n'))
-  }
+console.error(`Title: ${title}\n`)
+const services = servicesForTitle(title)
+if (services.length === 0) {
+  console.error('No services found. Nothing to do.')
+} else {
+  console.error(`Services: (${services.length} found) ${services.join(', ')}\n`)
+  console.log(services.join('\n'))
 }
-
-;(async () => {
-  try {
-    await main()
-  } catch (e) {
-    console.error(e)
-    process.exit(1)
-  }
-})()
--- a/core/token-pooling/redis-token-persistence.integration.js
+++ b/core/token-pooling/redis-token-persistence.integration.js
@@ -1,95 +0,0 @@
-import RedisServer from 'redis-server'
-import Redis from 'ioredis'
-import { expect } from 'chai'
-import RedisTokenPersistence from './redis-token-persistence.js'
-
-describe('Redis token persistence', function () {
-  let server
-  // In CI, expect redis already to be running.
-  if (!process.env.CI) {
-    beforeEach(async function () {
-      server = new RedisServer({ config: { host: 'localhost' } })
-      await server.open()
-    })
-  }
-
-  const key = 'tokenPersistenceIntegrationTest'
-
-  let redis
-  beforeEach(async function () {
-    redis = new Redis()
-    await redis.del(key)
-  })
-  afterEach(async function () {
-    if (redis) {
-      await redis.quit()
-      redis = undefined
-    }
-  })
-
-  if (!process.env.CI) {
-    afterEach(async function () {
-      await server.close()
-      server = undefined
-    })
-  }
-
-  let persistence
-  beforeEach(function () {
-    persistence = new RedisTokenPersistence({ key })
-  })
-  afterEach(async function () {
-    if (persistence) {
-      await persistence.stop()
-      persistence = undefined
-    }
-  })
-
-  context('when the key does not exist', function () {
-    it('does nothing', async function () {
-      const tokens = await persistence.initialize()
-      expect(tokens).to.deep.equal([])
-    })
-  })
-
-  context('when the key exists', function () {
-    const initialTokens = ['a', 'b', 'c'].map(char => char.repeat(40))
-
-    beforeEach(async function () {
-      await redis.sadd(key, initialTokens)
-    })
-
-    it('loads the contents', async function () {
-      const tokens = await persistence.initialize()
-      expect(tokens.sort()).to.deep.equal(initialTokens)
-    })
-
-    context('when tokens are added', function () {
-      it('saves the change', async function () {
-        const newToken = 'e'.repeat(40)
-        const expected = initialTokens.slice()
-        expected.push(newToken)
-
-        await persistence.initialize()
-        await persistence.noteTokenAdded(newToken)
-
-        const savedTokens = await redis.smembers(key)
-        expect(savedTokens.sort()).to.deep.equal(expected)
-      })
-    })
-
-    context('when tokens are removed', function () {
-      it('saves the change', async function () {
-        const expected = Array.from(initialTokens)
-        const toRemove = expected.pop()
-
-        await persistence.initialize()
-
-        await persistence.noteTokenRemoved(toRemove)
-
-        const savedTokens = await redis.smembers(key)
-        expect(savedTokens.sort()).to.deep.equal(expected)
-      })
-    })
-  })
-})
--- a/core/token-pooling/redis-token-persistence.js
+++ b/core/token-pooling/redis-token-persistence.js
@@ -1,57 +0,0 @@
-import { URL } from 'url'
-import Redis from 'ioredis'
-import log from '../server/log.js'
-
-export default class RedisTokenPersistence {
-  constructor({ url, key }) {
-    this.url = url
-    this.key = key
-    this.noteTokenAdded = this.noteTokenAdded.bind(this)
-    this.noteTokenRemoved = this.noteTokenRemoved.bind(this)
-  }
-
-  async initialize() {
-    const options =
-      this.url && this.url.startsWith('rediss:')
-        ? {
-            //  https://www.compose.com/articles/ssl-connections-arrive-for-redis-on-compose/
-            tls: { servername: new URL(this.url).hostname },
-          }
-        : undefined
-    this.redis = new Redis(this.url, options)
-    this.redis.on('error', e => {
-      log.error(e)
-    })
-
-    const tokens = await this.redis.smembers(this.key)
-    return tokens
-  }
-
-  async stop() {
-    await this.redis.quit()
-  }
-
-  async onTokenAdded(token) {
-    await this.redis.sadd(this.key, token)
-  }
-
-  async onTokenRemoved(token) {
-    await this.redis.srem(this.key, token)
-  }
-
-  async noteTokenAdded(token) {
-    try {
-      await this.onTokenAdded(token)
-    } catch (e) {
-      log.error(e)
-    }
-  }
-
-  async noteTokenRemoved(token) {
-    try {
-      await this.onTokenRemoved(token)
-    } catch (e) {
-      log.error(e)
-    }
-  }
-}
--- a/core/token-pooling/sql-token-persistence.integration.js
+++ b/core/token-pooling/sql-token-persistence.integration.js
@@ -0,0 +1,103 @@
+import pg from 'pg'
+import { expect } from 'chai'
+import configModule from 'config'
+import SqlTokenPersistence from './sql-token-persistence.js'
+
+const config = configModule.util.toObject()
+const postgresUrl = config?.private?.postgres_url
+const tableName = 'token_persistence_integration_test'
+
+describe('SQL token persistence', function () {
+  let pool
+  let persistence
+
+  before('Mock db connection and load app', async function () {
+    // Create a new pool with a connection limit of 1
+    pool = new pg.Pool({
+      connectionString: postgresUrl,
+
+      // Reuse the connection to make sure we always hit the same pg_temp schema
+      max: 1,
+
+      // Disable auto-disconnection of idle clients to make sure we always hit the same pg_temp schema
+      idleTimeoutMillis: 0,
+    })
+    persistence = new SqlTokenPersistence({
+      url: postgresUrl,
+      table: tableName,
+    })
+  })
+  after(async function () {
+    if (persistence) {
+      await persistence.stop()
+      persistence = undefined
+    }
+  })
+
+  beforeEach('Create temporary table', async function () {
+    await pool.query(
+      `CREATE TEMPORARY TABLE ${tableName} (LIKE github_user_tokens INCLUDING ALL);`
+    )
+  })
+  afterEach('Drop temporary table', async function () {
+    await pool.query(`DROP TABLE IF EXISTS pg_temp.${tableName};`)
+  })
+
+  context('when the key does not exist', function () {
+    it('does nothing', async function () {
+      const tokens = await persistence.initialize(pool)
+      expect(tokens).to.deep.equal([])
+    })
+  })
+
+  context('when the key exists', function () {
+    const initialTokens = ['a', 'b', 'c'].map(char => char.repeat(40))
+
+    beforeEach(async function () {
+      initialTokens.forEach(async token => {
+        await pool.query(
+          `INSERT INTO pg_temp.${tableName} (token) VALUES ($1::text);`,
+          [token]
+        )
+      })
+    })
+
+    it('loads the contents', async function () {
+      const tokens = await persistence.initialize(pool)
+      expect(tokens.sort()).to.deep.equal(initialTokens)
+    })
+
+    context('when tokens are added', function () {
+      it('saves the change', async function () {
+        const newToken = 'e'.repeat(40)
+        const expected = initialTokens.slice()
+        expected.push(newToken)
+
+        await persistence.initialize(pool)
+        await persistence.noteTokenAdded(newToken)
+
+        const result = await pool.query(
+          `SELECT token FROM pg_temp.${tableName};`
+        )
+        const savedTokens = result.rows.map(row => row.token)
+        expect(savedTokens.sort()).to.deep.equal(expected)
+      })
+    })
+
+    context('when tokens are removed', function () {
+      it('saves the change', async function () {
+        const expected = Array.from(initialTokens)
+        const toRemove = expected.pop()
+
+        await persistence.initialize(pool)
+        await persistence.noteTokenRemoved(toRemove)
+
+        const result = await pool.query(
+          `SELECT token FROM pg_temp.${tableName};`
+        )
+        const savedTokens = result.rows.map(row => row.token)
+        expect(savedTokens.sort()).to.deep.equal(expected)
+      })
+    })
+  })
+})
--- a/core/token-pooling/sql-token-persistence.js
+++ b/core/token-pooling/sql-token-persistence.js
@@ -0,0 +1,57 @@
+import pg from 'pg'
+import log from '../server/log.js'
+
+export default class SqlTokenPersistence {
+  constructor({ url, table }) {
+    this.url = url
+    this.table = table
+    this.noteTokenAdded = this.noteTokenAdded.bind(this)
+    this.noteTokenRemoved = this.noteTokenRemoved.bind(this)
+  }
+
+  async initialize(pool) {
+    if (pool) {
+      this.pool = pool
+    } else {
+      this.pool = new pg.Pool({ connectionString: this.url })
+    }
+    const result = await this.pool.query(`SELECT token FROM ${this.table};`)
+    return result.rows.map(row => row.token)
+  }
+
+  async stop() {
+    if (this.pool) {
+      await this.pool.end()
+    }
+  }
+
+  async onTokenAdded(token) {
+    return await this.pool.query(
+      `INSERT INTO ${this.table} (token) VALUES ($1::text) ON CONFLICT (token) DO NOTHING;`,
+      [token]
+    )
+  }
+
+  async onTokenRemoved(token) {
+    return await this.pool.query(
+      `DELETE FROM ${this.table} WHERE token=$1::text;`,
+      [token]
+    )
+  }
+
+  async noteTokenAdded(token) {
+    try {
+      await this.onTokenAdded(token)
+    } catch (e) {
+      log.error(e)
+    }
+  }
+
+  async noteTokenRemoved(token) {
+    try {
+      await this.onTokenRemoved(token)
+    } catch (e) {
+      log.error(e)
+    }
+  }
+}
--- a/cypress/e2e/main-page.cy.js
+++ b/cypress/e2e/main-page.cy.js
@@ -2,16 +2,9 @@ import { registerCommand } from 'cypress-wait-for-stable-dom'

 registerCommand()

-describe('Main page', function () {
+describe('Frontend', function () {
  const backendUrl = Cypress.env('backend_url')
-  const SEARCH_INPUT = 'input[placeholder="search / project URL"]'
-
-  function expectBadgeExample(title, previewUrl, pattern) {
-    cy.contains('tr', `${title}:`).find('code').should('have.text', pattern)
-    cy.contains('tr', `${title}:`)
-      .find('img')
-      .should('have.attr', 'src', previewUrl)
-  }
+  const SEARCH_INPUT = 'input[placeholder="Search"]'

  function visitAndWait(page) {
    cy.visit(page)
@@ -26,56 +19,37 @@ describe('Main page', function () {
    cy.contains('PyPI - License')
  })

-  it('Shows badge from category', function () {
-    visitAndWait('/category/chat')
+  it('Shows badges from category', function () {
+    visitAndWait('/badges')

-    expectBadgeExample(
-      'Discourse status',
-      'http://localhost:8080/badge/discourse-online-brightgreen',
-      '/discourse/status?server=https%3A%2F%2Fmeta.discourse.org'
-    )
+    cy.contains('Build')
+    cy.contains('Chat').click()
+
+    cy.contains('Discourse status')
+    cy.contains('Stack Exchange questions')
  })

-  it('Suggest badges', function () {
-    const badgeUrl = `${backendUrl}/github/issues/badges/shields`
-    visitAndWait('/')
+  it('Shows expected code examples', function () {
+    visitAndWait('/badges/static-badge')

-    cy.get(SEARCH_INPUT).type('https://github.com/badges/shields')
-    cy.contains('Suggest badges').click()
-
-    expectBadgeExample('GitHub issues', badgeUrl, badgeUrl)
+    cy.contains('button', 'URL').should('have.class', 'api-code-tab')
+    cy.contains('button', 'Markdown').should('have.class', 'api-code-tab')
+    cy.contains('button', 'rSt').should('have.class', 'api-code-tab')
+    cy.contains('button', 'AsciiDoc').should('have.class', 'api-code-tab')
+    cy.contains('button', 'HTML').should('have.class', 'api-code-tab')
  })

-  it('Customization form is filled with suggested badge details', function () {
-    const badgeUrl = `${backendUrl}/github/issues/badges/shields`
-    visitAndWait('/')
-    cy.get(SEARCH_INPUT).type('https://github.com/badges/shields')
-    cy.contains('Suggest badges').click()
+  it('Build a badge', function () {
+    visitAndWait('/badges/git-hub-issues')

-    cy.contains(badgeUrl).click()
+    cy.contains('/github/issues/:user/:repo')

-    cy.get('input[name="user"]').should('have.value', 'badges')
-    cy.get('input[name="repo"]').should('have.value', 'shields')
-  })
+    cy.get('input[placeholder="user"]').type('badges')
+    cy.get('input[placeholder="repo"]').type('shields')

-  it('Customizate suggested badge', function () {
-    const badgeUrl = `${backendUrl}/github/issues/badges/shields`
-    visitAndWait('/')
-    cy.get(SEARCH_INPUT).type('https://github.com/badges/shields')
-    cy.contains('Suggest badges').click()
-    cy.contains(badgeUrl).click()
-
-    cy.get('table input[name="color"]').type('orange')
-
-    cy.get(`img[src='${backendUrl}/github/issues/badges/shields?color=orange']`)
-  })
-
-  it('Do not duplicate example parameters', function () {
-    visitAndWait('/category/funding')
-
-    cy.contains('GitHub Sponsors').click()
-    cy.get('[name="style"]').should($style => {
-      expect($style).to.have.length(1)
-    })
+    cy.intercept('GET', `${backendUrl}/github/issues/badges/shields`).as('get')
+    cy.contains('Execute').click()
+    cy.wait('@get').its('response.statusCode').should('eq', 200)
+    cy.get('img[id="badge-preview"]')
  })
 })
--- a/dangerfile.js
+++ b/dangerfile.js
@@ -11,13 +11,12 @@
 // DANGER_GITHUB_API_TOKEN=your-github-api-token npm run danger -- pr https://github.com/badges/shields/pull/2665

 const { danger, fail, message, warn } = require('danger')
-const { default: noTestShortcuts } = require('danger-plugin-no-test-shortcuts')
 const { fileMatch } = danger.git

 const documentation = fileMatch(
  '**/*.md',
-  'frontend/components/usage.tsx',
-  'frontend/pages/endpoint.tsx'
+  'frontend/docs/**',
+  'frontend/src/**'
 )
 const server = fileMatch('core/server/**.js', '!*.spec.js')
 const serverTests = fileMatch('core/server/**.spec.js')
@@ -173,11 +172,3 @@ affectedServices.forEach(service => {
    )
  }
 })
-
-// Prevent merging exclusive services tests.
-noTestShortcuts({
-  testFilePredicate: filePath => filePath.endsWith('.tester.js'),
-  patterns: {
-    only: ['only()'],
-  },
-})
--- a/doc/TUTORIAL.md
+++ b/doc/TUTORIAL.md
@@ -44,7 +44,7 @@ In case you get the _"getaddrinfo ENOTFOUND localhost"_ error, visit [http://127

 ## (3) Open an Issue

-Before you want to implement your service, you may want to [open an issue](https://github.com/badges/shields/issues/new?template=3_Badge_request.md) and describe what you have in mind:
+Before you want to implement your service, you may want to [open an issue](https://github.com/badges/shields/issues/new?template=3_Badge_request.yml) and describe what you have in mind:

 - What is the badge for?
 - Which API do you want to use?
@@ -229,14 +229,14 @@ Description of the code:

   - `_requestJson()` automatically adds an Accept header, checks the status code, parses the response as JSON, and returns the parsed response.
   - `_requestJson()` uses [got](https://github.com/sindresorhus/got) to perform the HTTP request. Options can be passed to got, including method, query string, and headers. If headers are provided they will override the ones automatically set by `_requestJson()`. There is no need to specify json, as the JSON parsing is handled by `_requestJson()`. See the `got` docs for [supported options](https://github.com/sindresorhus/got/blob/main/documentation/2-options.md).
-   - Error messages corresponding to each status code can be returned by passing a dictionary of status codes -> messages in `errorMessages`.
+   - Error messages corresponding to each status code can be returned by passing a dictionary of status codes -> messages in `httpErrors`.
   - A more complex call to `_requestJson()` might look like this:
     ```js
     return this._requestJson({
       schema: mySchema,
       url,
       options: { searchParams: { branch: 'master' } },
-       errorMessages: {
+       httpErrors: {
         401: 'private application not supported',
         404: 'application not found',
       },
--- a/doc/authentication.md
+++ b/doc/authentication.md
@@ -0,0 +1,8 @@
+# Badges Requiring Authentication
+
+There are two patterns for how shields.io can interact with APIs that require auth:
+
+1. We can store one token at the service level which allows us to read public data for everyone's projects, or lift a rate limit. If you are looking for information on configuring credentials for a self-hosted instance see https://github.com/badges/shields/blob/master/doc/server-secrets.md
+2. If every user needs to provide their own token, that has to be a token which can be passed to us as a query param in the badge URL. This means it must be possible to generate a key or token that can be exposed in a public github README public with no negative consequences. (i.e: that key or token only exposes public metrics).
+
+If every user would need to supply their own token for some particular service and it is only possible to generate a key or token which allows access to sensitive data or allows write access to resources, we can't provide an integration for this service.
--- a/doc/code-walkthrough.md
+++ b/doc/code-walkthrough.md
@@ -4,7 +4,7 @@

 The Shields codebase is divided into several parts:

-1.  The frontend (about 7% of the code)
+1.  The frontend
    1. [`frontend`][frontend]
 2.  The badge renderer (which is available as an npm package)
    1.  [`badge-maker`][badge-maker]
@@ -20,8 +20,6 @@ The Shields codebase is divided into several parts:
    1.  `*.js` in the root of [`services`][services]
 7.  The services themselves (about 80% of the code)
    1.  `*.js` in the folders of [`services`][services]
-8.  The badge suggestion endpoint (Note: it's tested as if it’s a service.)
-    1.  [`lib/suggest.js`][suggest]

 [frontend]: https://github.com/badges/shields/tree/master/frontend
 [badge-maker]: https://github.com/badges/shields/tree/master/badge-maker
@@ -29,33 +27,32 @@ The Shields codebase is divided into several parts:
 [server]: https://github.com/badges/shields/tree/master/core/server
 [token-pooling]: https://github.com/badges/shields/tree/master/core/token-pooling
 [services]: https://github.com/badges/shields/tree/master/services
-[suggest]: https://github.com/badges/shields/tree/master/lib/suggest.js

 The tests are also divided into several parts:

-1.  Unit and functional tests of the frontend
-    1.  `frontend/**/*.spec.js`
-2.  Unit and functional tests of the badge renderer
+1.  Unit and functional tests of the badge renderer
    1.  `badge-maker/**/*.spec.js`
-3.  Unit and functional tests of the core code
+2.  Unit and functional tests of the core code
    1.  `core/**/*.spec.js`
-4.  Unit and functional tests of the service helper functions
+3.  Unit and functional tests of the service helper functions
    1.  `services/*.spec.js`
-5.  Unit and functional tests of the service code (we have only a few of these)
+4.  Unit and functional tests of the service code (we have only a few of these)
    1.  `services/*/**/*.spec.js`
+5.  End-to-end tests for the frontend
+    1.  `cypress/e2e/*.cy.js`
 6.  The service tester and service test runner
    1.  [`core/service-test-runner`][service-test-runner]
 7.  [The service tests themselves][service tests] live integration tests of the
    services, and some mocked tests
    1.  `*.tester.js` in subfolders of [`services`][services]
-8.  Integration tests of Redis-backed persistence code
-    1.  [`core/token-pooling/redis-token-persistence.integration.js`][redis-token-persistence.integration]
+8.  Integration tests of PostgreSQL-backed persistence code
+    1.  [`core/token-pooling/sql-token-persistence.integration.js`][sql-token-persistence.integration]
 9.  Integration tests of the GitHub authorization code
    1.  [`services/github/github-api-provider.integration.js`][github-api-provider.integration]

 [service-test-runner]: https://github.com/badges/shields/tree/master/core/service-test-runner
 [service tests]: https://github.com/badges/shields/blob/master/doc/service-tests.md
-[redis-token-persistence.integration]: https://github.com/badges/shields/blob/master/core/token-pooling/redis-token-persistence.integration.js
+[sql-token-persistence.integration]: https://github.com/badges/shields/blob/master/core/token-pooling/sql-token-persistence.integration.js
 [github-api-provider.integration]: https://github.com/badges/shields/blob/master/services/github/github-api-provider.integration.js

 Our goal is to reach 100% coverage of the code in the
--- a/doc/deprecating-badges.md
+++ b/doc/deprecating-badges.md
@@ -90,6 +90,8 @@ Past that point, all related code will be deleted, and a not found error will be

 Here is a listing of all deleted badges that were once part of the Shields.io service:

+- Beerpay
+- Bintray
 - bitHound
 - Cauditor
 - CocoaPods Apps
@@ -97,6 +99,8 @@ Here is a listing of all deleted badges that were once part of the Shields.io se
 - Codetally
 - continuousphp
 - Coverity
+- David
+- dependabot
 - Dockbit
 - Dotnet Status
 - Gemnasium
@@ -107,8 +111,11 @@ Here is a listing of all deleted badges that were once part of the Shields.io se
 - Leanpub
 - Libscore
 - Magnum CI
+- MicroBadger
 - NSP
 - PHP Eye
+- requires.io
+- Shippable
 - Snap CI
 - VersionEye
 - Waffle
--- a/doc/logos.md
+++ b/doc/logos.md
@@ -22,6 +22,18 @@ Any custom logo can be passed in a URL parameter by base64 encoding it. e.g:

 ![](https://img.shields.io/badge/play-station-blue.svg?logo=data:image/svg%2bxml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZlcnNpb249IjEiIHdpZHRoPSI2MDAiIGhlaWdodD0iNjAwIj48cGF0aCBkPSJNMTI5IDExMWMtNTUgNC05MyA2Ni05MyA3OEwwIDM5OGMtMiA3MCAzNiA5MiA2OSA5MWgxYzc5IDAgODctNTcgMTMwLTEyOGgyMDFjNDMgNzEgNTAgMTI4IDEyOSAxMjhoMWMzMyAxIDcxLTIxIDY5LTkxbC0zNi0yMDljMC0xMi00MC03OC05OC03OGgtMTBjLTYzIDAtOTIgMzUtOTIgNDJIMjM2YzAtNy0yOS00Mi05Mi00MmgtMTV6IiBmaWxsPSIjZmZmIi8+PC9zdmc+) - https://img.shields.io/badge/play-station-blue.svg?logo=data:image/svg%2bxml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZlcnNpb249IjEiIHdpZHRoPSI2MDAiIGhlaWdodD0iNjAwIj48cGF0aCBkPSJNMTI5IDExMWMtNTUgNC05MyA2Ni05MyA3OEwwIDM5OGMtMiA3MCAzNiA5MiA2OSA5MWgxYzc5IDAgODctNTcgMTMwLTEyOGgyMDFjNDMgNzEgNTAgMTI4IDEyOSAxMjhoMWMzMyAxIDcxLTIxIDY5LTkxbC0zNi0yMDljMC0xMi00MC03OC05OC03OGgtMTBjLTYzIDAtOTIgMzUtOTIgNDJIMjM2YzAtNy0yOS00Mi05Mi00MmgtMTV6IiBmaWxsPSIjZmZmIi8+PC9zdmc+

+### logoColor parameter
+
+The `logoColor` param can be used to set the color of the logo. Hex, rgb, rgba, hsl, hsla and css named colors can all be used. For SimpleIcons named logos (which are monochrome), the color will be applied to the SimpleIcons logo.
+
+- ![](https://img.shields.io/badge/logo-javascript-blue?logo=javascript) - https://img.shields.io/badge/logo-javascript-blue?logo=javascript
+- ![](https://img.shields.io/badge/logo-javascript-blue?logo=javascript&logoColor=f5f5f5) - https://img.shields.io/badge/logo-javascript-blue?logo=javascript&logoColor=f5f5f5
+
+In the case where Shields hosts a custom multi-colored logo, if the `logoColor` param is passed, the corresponding SimpleIcons logo will be substituted and colored.
+
+- ![](https://img.shields.io/badge/logo-gitlab-blue?logo=gitlab) - https://img.shields.io/badge/logo-gitlab-blue?logo=gitlab
+- ![](https://img.shields.io/badge/logo-gitlab-blue?logo=gitlab&logoColor=white) - https://img.shields.io/badge/logo-gitlab-blue?logo=gitlab&logoColor=white
+
 ## Contributing Logos

 Our preferred way to consume icons is via the SimpleIcons logo. As a first port of call, we encourage you to contribute logos to [the SimpleIcons project][simple-icons github]. Please review their [guidance](https://github.com/simple-icons/simple-icons/blob/develop/CONTRIBUTING.md) before contributing.
--- a/doc/production-hosting.md
+++ b/doc/production-hosting.md
@@ -14,49 +14,41 @@ Production hosting is managed by the Shields ops team:
 [operations issues]: https://github.com/badges/shields/issues?q=is%3Aissue+is%3Aopen+label%3Aoperations
 [ops discord]: https://discordapp.com/channels/308323056592486420/480747695879749633

-| Component                     | Subcomponent                    | People with access                                              |
-| ----------------------------- | ------------------------------- | --------------------------------------------------------------- |
-| shields-io-production         | Full access                     | @calebcartwright, @chris48s, @paulmelnikow                      |
-| shields-io-production         | Access management               | @calebcartwright, @chris48s, @paulmelnikow                      |
-| Compose.io Redis              | Account owner                   | @paulmelnikow                                                   |
-| Compose.io Redis              | Account access                  | @paulmelnikow                                                   |
-| Compose.io Redis              | Database connection credentials | @calebcartwright, @chris48s, @paulmelnikow, @pyvesb             |
-| Raster server                 | Full access as team members     | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
-| shields-server.com redirector | Full access as team members     | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
-| Cloudflare (CDN)              | Account owner                   | @espadrine                                                      |
-| Cloudflare (CDN)              | Access management               | @espadrine                                                      |
-| Cloudflare (CDN)              | Admin access                    | @calebcartwright, @chris48s, @espadrine, @paulmelnikow, @PyvesB |
-| Twitch                        | OAuth app                       | @PyvesB                                                         |
-| Discord                       | OAuth app                       | @PyvesB                                                         |
-| YouTube                       | Account owner                   | @PyvesB                                                         |
-| GitLab                        | Account owner                   | @calebcartwright                                                |
-| GitLab                        | Account access                  | @calebcartwright, @chris48s, @paulmelnikow, @PyvesB             |
-| OpenStreetMap (for Wheelmap)  | Account owner                   | @paulmelnikow                                                   |
-| DNS                           | Account owner                   | @olivierlacan                                                   |
-| DNS                           | Read-only account access        | @espadrine, @paulmelnikow, @chris48s                            |
-| Sentry                        | Error reports                   | @espadrine, @paulmelnikow                                       |
-| Metrics server                | Owner                           | @platan                                                         |
-| UptimeRobot                   | Account owner                   | @paulmelnikow                                                   |
-| More metrics                  | Owner                           | @RedSparr0w                                                     |
+| Component                     | Subcomponent                | People with access                                              |
+| ----------------------------- | --------------------------- | --------------------------------------------------------------- |
+| shields-io-production         | Full access                 | @calebcartwright, @chris48s, @paulmelnikow                      |
+| shields-io-production         | Access management           | @calebcartwright, @chris48s, @paulmelnikow                      |
+| Raster server                 | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
+| shields-server.com redirector | Full access as team members | @paulmelnikow, @chris48s, @calebcartwright, @platan             |
+| Cloudflare (CDN)              | Account owner               | @espadrine                                                      |
+| Cloudflare (CDN)              | Access management           | @espadrine                                                      |
+| Cloudflare (CDN)              | Admin access                | @calebcartwright, @chris48s, @espadrine, @paulmelnikow, @PyvesB |
+| Twitch                        | OAuth app                   | @PyvesB                                                         |
+| Discord                       | OAuth app                   | @PyvesB                                                         |
+| YouTube                       | Account owner               | @PyvesB                                                         |
+| GitLab                        | Account owner               | @calebcartwright                                                |
+| GitLab                        | Account access              | @calebcartwright, @chris48s, @paulmelnikow, @PyvesB             |
+| OpenStreetMap (for Wheelmap)  | Account owner               | @paulmelnikow                                                   |
+| DNS                           | Account owner               | @olivierlacan                                                   |
+| DNS                           | Read-only account access    | @espadrine, @paulmelnikow, @chris48s                            |
+| Sentry                        | Error reports               | @espadrine, @paulmelnikow                                       |
+| Metrics server                | Owner                       | @platan                                                         |
+| UptimeRobot                   | Account owner               | @paulmelnikow                                                   |
+| More metrics                  | Owner                       | @RedSparr0w                                                     |

 ## Attached state

 Shields has mercifully little persistent state:

-1. The GitHub tokens we collect are saved on each server in a cloud Redis
-   database. They can also be fetched from the [GitHub auth admin endpoint][]
-   for debugging.
+1. The GitHub tokens we collect are stored in a fly.io postgres database
 2. The server keeps the [resource cache][] in memory. It is neither
   persisted nor inspectable.

-[github auth admin endpoint]: https://github.com/badges/shields/blob/master/services/github/auth/admin.js
 [resource cache]: https://github.com/badges/shields/blob/master/core/base-service/resource-cache.js

 ## Configuration

-To bootstrap the configuration process,
-[the script that starts the server][start-shields.sh] sets a single
-environment variable:
+To bootstrap the configuration of non-secret settings, we set a single environment variable:

 ```
 NODE_CONFIG_ENV=shields-io-production
@@ -71,7 +63,8 @@ files:
  contains non-secrets which are checked in to the main repo.
 - [`default.yml`][default.yml]. This file contains defaults.

-[start-shields.sh]: https://github.com/badges/ServerScript/blob/master/start-shields.sh#L7
+Secrets are supplied directly as environment vars.
+
 [config]: https://github.com/lorenwest/node-config/wiki/Configuration-Files
 [local-shields-io-production.yml]: ../config/local-shields-io-production.template.yml
 [shields-io-production.yml]: ../config/shields-io-production.yml
--- a/Show More
+++ b/Show More