‹ Reports
The Dispatch

GitHub Repo Analysis: hoppscotch/hoppscotch


Executive Summary

The Hoppscotch project is an open-source API development tool designed to provide a lightweight alternative to popular platforms like Postman and Insomnia. It is maintained by a vibrant community and has gained significant traction with over 69,000 stars on GitHub. The project is actively developed, with recent updates focusing on enhancing user experience and expanding feature support.

Recent Activity

Team Members and Contributions

  1. Shreyas (CuriousCorrelation)

    • Fixed version bump regression, improved updater UX, addressed TypeScript warnings.
    • Collaborated with James George.
  2. Andrew Bastin (AndrewBastin)

    • Updated dependencies, resolved GraphQL connection issues.
  3. Akash K (amk-dev)

    • Moved OpenAPI validation to a worker, fixed importer bugs.
  4. James George (jamesgeorge007)

    • Focused on foundational changes for cloud instances, updated lock files.
  5. Anwarul Islam (anwarulislam)

    • Addressed GraphQL authentication headers issues.
  6. Nivedin (nivedin)

    • Fixed environment variable issues, improved UI components.
  7. Joel Jacob Stephen (JoelJacobStephen)

    • Added input validations for server configurations.
  8. Stéfany Larissa (stelardn)

    • Fixed cURL header import issues.
  9. Luzpaz

    • Corrected typos in the self-hosted desktop package.

Patterns and Themes

Risks

Of Note

Quantified Reports

Quantify issues



Recent GitHub Issues Activity

Timespan Opened Closed Comments Labeled Milestones
7 Days 20 27 51 2 1
30 Days 62 45 111 5 1
90 Days 122 59 173 7 1
1 Year 370 188 861 13 1
All Time 1816 1337 - - -

Like all software activity quantification, these numbers are imperfect but sometimes useful. Comments, Labels, and Milestones refer to those issues opened in the timespan in question.

Rate pull requests



3/5
The pull request introduces a new AI diagnosis feature in the Inspector, which is a potentially useful addition. However, it has several issues that need addressing, such as missing error handling (no catch block) and incorrect feedback submission logic (using -1 or 1 instead of 'positive'/'negative'). While the feature is moderately significant, these flaws prevent it from being rated higher. The PR is average, with room for improvement in error handling and logic clarity.
[+] Read More
3/5
The pull request introduces a feature to filter requests by URL in addition to name, which is a useful enhancement for users managing collections. The code changes are concise and focused on the specific functionality, demonstrating good practice in maintaining clarity and purpose. However, the feature is not groundbreaking or complex enough to warrant a higher rating, and the PR lacks extensive documentation or testing details that could elevate its quality. Overall, it is a solid contribution but remains within the realm of average improvements.
[+] Read More
3/5
The pull request introduces a small but useful change by prioritizing the 'APP_PORT' environment variable over 'PORT' for backend configuration. This change is straightforward and improves configurability, but it is minor in scope and impact, affecting only two lines of code. The implementation is correct and does not introduce any apparent issues, but it lacks significant complexity or innovation to warrant a higher rating. It is a typical example of an average PR that fulfills its purpose without any notable flaws or exceptional qualities.
[+] Read More
3/5
The pull request addresses a specific issue by removing the decodeURIComponent function to allow encoded characters in API endpoints, which is a necessary change for certain use cases. However, the change is minimal, involving only a single line modification, and does not address related code generation issues, which are handled in a separate repository. While it resolves the immediate problem, the PR is relatively small in scope and impact, making it an average contribution.
[+] Read More
3/5
This pull request addresses a specific issue by correcting the folder structure during collection import, ensuring requests are added to the correct child folders. The change is minimal, involving a single line addition, which suggests it is a targeted fix rather than a comprehensive overhaul. While it closes an existing issue (#4171), the scope of the change is relatively small and does not introduce significant new functionality or improvements. Therefore, it is rated as average, reflecting its unremarkable yet necessary nature.
[+] Read More
3/5
This pull request addresses a specific bug by making a minor code change, which is necessary but not particularly significant. The change involves a single line modification to correct the coordinates calculation for text selection, ensuring the context menu appears correctly. While it solves a usability issue, the change is straightforward and lacks broader impact or complexity. Thus, it is an average PR, neither flawed nor exceptional.
[+] Read More
4/5
This pull request provides a comprehensive set of improvements and fixes for the GraphQL query builder, addressing multiple issues such as invalid subscription document states, UI contrast problems, and adding new functionality for argument status indication. The changes are well-documented across various components with a significant number of lines modified, indicating a thorough approach. However, while the PR is quite good and complete, it lacks a groundbreaking or highly significant change that would warrant a perfect score.
[+] Read More
4/5
The pull request introduces a useful feature for sorting requests alphabetically within collection folders, enhancing user experience. The implementation is well-structured, adding new functionality with minimal changes to existing code. The code changes are clear and concise, with appropriate use of Vue.js components and state management. However, the PR could benefit from additional tests or documentation to ensure robustness and maintainability. Overall, it's a significant and well-executed feature addition but lacks some completeness in testing or documentation.
[+] Read More
4/5
The pull request addresses a specific issue by enabling gzip and deflate decoding in the curl handler, which is a valuable enhancement for handling compressed responses. It includes new tests for gzip and deflate encoding, improving the project's test coverage. However, the author notes that the tests could be improved, indicating room for enhancement. The changes are well-structured and documented, but the lack of comprehensive testing and potential improvements in test quality prevent it from being rated as exemplary.
[+] Read More
4/5
The pull request effectively improves the logic for handling authentication headers by clearly defining conditions to skip adding authorization headers, enhancing code clarity and functionality. The change is significant in terms of improving the software's authentication mechanism, but it is not a major overhaul or feature addition. The update is concise, with minimal lines of code changed, indicating a focused improvement without unnecessary complexity.
[+] Read More

Quantify commits



Quantified Commit Activity Over 14 Days

Developer Avatar Branches PRs Commits Files Changes
Shreyas 4 13/14/1 51 346 62463
James George 1 0/1/0 3 35 1660
Nivedin 4 7/7/0 9 15 776
Anwarul Islam 2 3/4/0 4 10 331
Akash K 1 2/2/0 2 7 207
Joel Jacob Stephen 1 0/1/0 1 7 73
Stéfany Larissa 1 0/1/0 1 2 43
Andrew Bastin 2 0/0/0 2 2 34
luzpaz 1 1/1/0 1 7 14
Alexandre Rodrigues Batista (xTudoS) 0 2/0/0 0 0 0
Michael Hatch (mvhatch) 0 2/0/1 0 0 0
Chhavi Goyal (chhaviG22) 0 2/0/1 0 0 0
Pranay Pandey (Pranay-Pandey) 0 2/0/0 0 0 0

PRs: created by that dev and opened/merged/closed-unmerged during the period

Quantify risks



Project Risk Ratings

Risk Level (1-5) Rationale
Delivery 4 The project faces a significant backlog with 479 open issues, which poses a risk to delivery timelines. Despite active development and feature enhancements, the accumulation of unresolved issues over various timespans indicates potential challenges in meeting delivery goals. The influx of new feature requests and bug reports further complicates prioritization and resource allocation, impacting delivery efficiency.
Velocity 3 While the project demonstrates active development with significant contributions from key developers, the backlog of open issues and pull requests suggests potential bottlenecks in the review process. This could slow down the overall velocity if not addressed. However, the high level of commit activity indicates a strong development pace, balancing the risk.
Dependency 3 The project involves complex dependency management, particularly with external systems like GraphQL subscriptions. While efforts are made to manage these dependencies effectively, any failure in these external systems could impact project stability. The presence of numerous open pull requests without assigned reviewers also suggests potential coordination issues that could affect dependency management.
Team 3 The team shows strong collaboration and active contribution across various areas of the project. However, the lack of assigned reviewers for many pull requests indicates potential coordination challenges that could lead to inefficiencies or burnout if not managed properly. The high volume of changes necessitates effective communication and resource allocation to maintain team health.
Code Quality 3 The codebase reflects a balance between maintaining existing functionality and introducing new features. However, recurring themes of average pull request ratings and initial lapses in error handling suggest areas for improvement in code quality. Rigorous code reviews and testing processes are needed to ensure higher standards and prevent future lapses.
Technical Debt 4 The substantial backlog growth over time indicates accumulating technical debt, which poses risks to long-term maintainability and scalability. The complexity of operations in key components suggests potential challenges if technical debt is not managed proactively. Addressing this will be crucial for sustainable development.
Test Coverage 3 While there is evidence of comprehensive testing practices in certain areas, such as the persistence service and TeamCollectionService, there is room for improvement in test coverage across more diverse scenarios. Expanding coverage to include edge cases will enhance reliability and reduce risks related to unforeseen errors.
Error Handling 3 Error handling practices are evident in various components, but initial lapses in recent pull requests highlight areas for improvement. Ensuring consistent error handling mechanisms across the codebase will be essential to prevent poor user experiences and maintain application stability.

Detailed Reports

Report On: Fetch issues



Recent Activity Analysis

Recent activity in the Hoppscotch GitHub repository shows a significant influx of new issues, with a total of 479 open issues. The recent issues range from feature requests to bug reports, indicating active community engagement and ongoing development efforts. Notably, there are several issues related to the latest version updates and compatibility with self-hosted instances.

A notable anomaly is the recurring theme of issues related to the desktop app's integration with self-hosted instances (#4812, #4813). Users are experiencing problems with data synchronization and CORS errors, which suggests potential gaps in documentation or configuration challenges that need addressing. Additionally, there are multiple reports of login issues across different platforms (#4813, #4812), highlighting a critical area for improvement.

Another significant theme is the request for enhanced features like support for additional protocols (e.g., GRPC in #4519) and improvements to existing functionalities such as environment variable management (#4743). These requests indicate a demand for more robust and flexible API testing capabilities.

Issue Details

Most Recently Created Issues

  1. #4835: Feature request to close active request tabs using CTRL/CMD + W in the desktop app.

    • Priority: Low
    • Status: Open
    • Created: 0 days ago
  2. #4831: Bug report about connection issues to self-hosted instances due to key validation errors.

    • Priority: High
    • Status: Open
    • Created: 0 days ago
  3. #4830: Bug report on failure to load the history tab.

    • Priority: Medium
    • Status: Open
    • Created: 0 days ago

Most Recently Updated Issues

  1. #4812: Desktop app not loading existing workspaces and requests from self-hosted instances.

    • Priority: High
    • Status: Open
    • Updated: 0 days ago
  2. #4813: Login error on MacOS with Safari.

    • Priority: High
    • Status: Closed
    • Updated: 0 days ago
  3. #4820: Desktop windows showing 404 error in version 2025.2.0.

    • Priority: High
    • Status: Closed
    • Updated: 0 days ago

These issues reflect ongoing challenges with recent updates and integration with self-hosted environments, emphasizing the need for improved documentation and support for users transitioning to new versions or configurations.

Report On: Fetch pull requests



Pull Request Analysis for Hoppscotch Project

Open Pull Requests

Notable Open PRs

  1. #4826: fix(common): correct coordinates calculation for selection end position

    • State: Open
    • Created: 0 days ago
    • Description: Fixes a bug related to text selection in JSON input fields. The context menu now appears correctly at the end of the selection.
    • Comments: This is a recent PR addressing a UI bug, which could improve user experience significantly.
  2. #4818: fix(common): improve authorization header handling

    • State: Open
    • Created: 1 day ago
    • Description: Simplifies logic for handling authentication headers, ensuring no duplicate Authorization headers are added.
    • Comments: Important for maintaining proper request authentication, especially when users define their own headers.
  3. #4792: Remove decodeURIComponent allowing encoded chars

    • State: Open
    • Created: 6 days ago
    • Description: Addresses issues with encoded characters in API endpoints by removing decodeURIComponent.
    • Comments: This change might affect how URLs are parsed and should be tested thoroughly to avoid breaking existing functionality.
  4. #4791: fix: gzip not been able to decode

    • State: Open
    • Created: 6 days ago
    • Description: Adds support for gzip and deflate encoding in curl handler.
    • Comments: Enhances compatibility with APIs using these encodings, potentially broadening Hoppscotch's usability.
  5. #4787: try APP_PORT before PORT env var

    • State: Open
    • Created: 8 days ago
    • Description: Allows backend to prioritize APP_PORT over PORT for server listening.
    • Comments: Useful for environments where port configuration flexibility is needed.

Concerns with Open PRs

  • Some PRs like #4792 and #4791 involve changes that could impact core functionalities (URL parsing and encoding support). These should be reviewed carefully to ensure they don't introduce regressions.
  • PRs such as #4815 and #4785, which deal with collection imports and sorting, should be tested for performance impacts, especially with large datasets.

Recently Closed Pull Requests

Notable Closed PRs

  1. #4834: fix(common): make cursorPosition field optional in HoppGQLDocument type

    • Merged by James George
    • Description: Adjusted the type definition for GraphQL documents to handle optional cursor positions.
    • Comments: A minor but necessary change to prevent potential runtime errors.
  2. #4829: fix: environment variable not working on auth

    • Merged by James George
    • Description: Fixed an issue where environment variables were not parsed correctly in authorization headers.
    • Comments: Critical fix ensuring that dynamic values can be used effectively in authentication scenarios.
  3. #4825: fix: enable aws auth passthrough

    • Merged by James George
    • Description: Added AWS authentication passthrough support.
    • Comments: Expands Hoppscotch's capability to interact with AWS services directly.
  4. #4821: fix: support for apikey auth for native interceptors

    • Merged by James George
    • Description: Restored API key support in native interceptors after regression.
    • Comments: Important for users relying on API key-based authentication.
  5. #4807: fix(common): extension port to relay regression

    • Merged by James George
    • Description: Addressed a regression issue related to extension ports.
    • Comments: Ensures that extensions continue to function as expected after recent updates.

Concerns with Closed PRs

  • The rapid merging of fixes like #4829 and #4821 indicates active maintenance but also suggests potential instability or frequent regressions in recent updates.
  • Changes involving authentication (#4829, #4825) are crucial and should be monitored post-deployment to ensure no new issues arise.

General Observations

  • The project is actively maintained with a focus on improving user experience and expanding compatibility with various authentication methods.
  • Recent PRs show a trend towards refining existing features (e.g., authorization handling, UI improvements) rather than introducing entirely new functionalities.
  • The community involvement is evident from the diverse contributors and rapid response to issues, reflecting a healthy open-source project environment.

Overall, the Hoppscotch project continues to evolve with careful attention to both user feedback and technical improvements, ensuring it remains a competitive tool in the API development space.

Report On: Fetch Files For Assessment



File Analysis

1. packages/hoppscotch-agent/package.json

  • Structure and Content: The package.json file is well-structured and follows the standard format for Node.js projects. It includes metadata such as the package name, version, and type.
  • Dependencies: The dependencies and devDependencies are clearly listed, with versions specified using caret (^) for most packages, indicating a preference for non-breaking updates.
  • Scripts: The scripts section provides commands for development (dev), building (build), previewing (preview), and running Tauri (tauri). This indicates a setup for both development and production environments.
  • Quality: The file is concise and adheres to best practices, such as using private: true to prevent accidental publishing.

2. packages/hoppscotch-desktop/src-tauri/src/lib.rs

  • Structure and Content: This Rust file defines modules and uses several plugins from the Tauri framework. It initializes a server port using OnceLock and sets up various plugins for window state, process management, updates, storage, deep linking, dialogs, shell access, filesystem access, app loading, and relay.
  • Functionality: The run function is comprehensive, setting up the application with multiple plugins and handling deep link events. It also includes error handling for deep link event emissions.
  • Quality: The code is well-organized with clear separation of concerns through modularization. Error handling is present but could be improved with more descriptive error messages or logging.

3. packages/hoppscotch-common/src/services/persistence/index.ts

  • Structure and Content: This TypeScript file implements a persistence service using a kernel store. It manages migrations, settings persistence, history persistence, collections persistence, environment persistence, and more.
  • Complexity: The file is quite large (1010 lines), which may indicate that it handles too many responsibilities. Consider breaking it down into smaller modules or services.
  • Quality: The use of TypeScript features like interfaces and type safety is evident. Error handling involves creating backups on schema validation failures, which is a good practice. However, the large size of the file might affect maintainability.

4. packages/hoppscotch-common/src/helpers/graphql/connection.ts

  • Structure and Content: This TypeScript file manages GraphQL connections using WebSockets. It handles connection states, schema fetching via introspection queries, and running GraphQL operations.
  • Functionality: The file provides functions for connecting to a GraphQL server, disconnecting, resetting connections, fetching schemas, running operations (queries/mutations/subscriptions), and generating authentication headers.
  • Quality: The code is well-organized with clear separation between connection management and operation execution. Error handling is present but could benefit from more detailed logging or user feedback mechanisms.

5. pnpm-lock.yaml

  • Structure and Content: This lock file ensures consistent dependency versions across different environments by locking all package versions used in the project.
  • Complexity: At 28,331 lines long, this file reflects a complex dependency tree typical of large projects with multiple packages.
  • Quality: Lock files are crucial for reproducibility in builds but are not manually edited or reviewed for quality beyond ensuring they are up-to-date with the latest dependency changes.

Overall Assessment

The Hoppscotch project files demonstrate a high level of organization and adherence to best practices in software development. Each file serves its purpose effectively within the project's ecosystem:

  • The package.json files are well-maintained with clear dependency management.
  • Rust code in lib.rs is modularized but could benefit from enhanced error logging.
  • TypeScript files show strong use of language features like types and interfaces but may need refactoring to improve maintainability due to their size.
  • The lock file ensures consistent dependency management across environments.

Overall, the project appears to be robustly engineered with attention to detail in both functionality and maintainability.

Report On: Fetch commits



Repo Commits Analysis

Development Team and Recent Activity

Team Members and Activities

  1. Shreyas (CuriousCorrelation)

    • Recent work includes fixing version bump regression, stabilizing updater UX, addressing TypeScript build warnings, and improving PersistenceService compatibility.
    • Collaborated with James George on some commits.
    • Active in multiple branches with significant contributions to desktop app features and bug fixes.
  2. Andrew Bastin (AndrewBastin)

    • Involved in dependency updates and resolving GraphQL connection issues.
    • Made minor contributions to the desktop feature branch.
  3. Akash K (amk-dev)

    • Worked on moving OpenAPI validation to a worker and fixing OpenAPI importer bugs.
    • Collaborated with Nivedin and James George on some tasks.
  4. James George (jamesgeorge007)

    • Focused on version bumps, foundational changes for cloud instances, and updating lock files.
    • Co-authored several commits, indicating collaboration with other team members.
  5. Anwarul Islam (anwarulislam)

    • Addressed issues related to GraphQL authentication headers and request validation.
    • Collaborated with James George on multiple occasions.
  6. Nivedin (nivedin)

    • Contributed to fixing environment variable issues, updating embed redirect URLs, and improving UI components.
    • Worked closely with Shreyas on various desktop-related improvements.
  7. Joel Jacob Stephen (JoelJacobStephen)

    • Introduced input validations for server configurations in the sh-admin package.
  8. Stéfany Larissa (stelardn)

    • Fixed cURL header import issues without trailing spaces.
  9. Luzpaz

    • Made minor typo corrections in the self-hosted desktop package.

Patterns, Themes, and Conclusions

  • Active Collaboration: The team demonstrates strong collaboration, as seen in multiple co-authored commits and shared tasks across different branches.
  • Focus on Desktop Features: Significant efforts are directed towards enhancing the desktop application, including UX improvements, bug fixes, and feature stabilization.
  • Continuous Improvements: Regular updates to dependencies, version bumps, and addressing build warnings indicate an ongoing commitment to maintaining code quality and security.
  • Diverse Contributions: Team members contribute across various aspects of the project, from backend services to frontend UI enhancements, showcasing a well-rounded skill set within the team.
  • Rapid Iteration: Frequent commits suggest a fast-paced development environment with continuous integration practices in place.

Overall, the Hoppscotch development team is actively engaged in refining both core functionalities and user experience aspects of their API development ecosystem.