Node.js SDK
@mevzuat-radar/sdk, public OpenAPI allowlist’ine bağlı API client’ıdır.
Varsayılan auth x-api-key kullanır. Webhook yönetimi admin session gerektirdiği
için SDK’de ayrıca jwt option’ı verilmeden çalışmaz.
Kurulum
Registry kurulumu yalnız kuruma paket erişimi verildiyse kullanılır. Erişim henüz açılmadıysa repo-local pack çıktısı artifact olarak alınır ve kurum içi registry’ye taşınır.
npm install @mevzuat-radar/sdkGenel API İstemcisi
import { MevzuatRadarClient } from '@mevzuat-radar/sdk';
const client = new MevzuatRadarClient({
apiKey: process.env.MEVZUATRADAR_API_KEY,
baseUrl: 'https://api.mevzuatradar.com',
});
const changes = await client.listChanges({
limit: 20,
sourceCode: 'BDDK',
});
for (const change of changes.items) {
console.log(change.id, change.title);
}Endpoint Coverage
| SDK method | API path | Auth |
|---|---|---|
getPublicSourceStats() | GET /api/v1/public/source-stats | none |
listPublicRegulations() | GET /api/v1/public/regulations | none |
listChanges() | GET /api/v1/changes | x-api-key |
listDeadlines() | GET /api/v1/deadlines | x-api-key |
listActions() | GET /api/v1/actions | x-api-key |
listVerificationReports() | GET /api/v1/verification-reports | x-api-key |
getVerificationReport(id) | GET /api/v1/verification-reports/:id | x-api-key |
listBoardReports() | GET /api/v1/board-reports | x-api-key |
getBoardReport(id) | GET /api/v1/board-reports/:id | x-api-key |
getEvidencePack(id) | GET /api/v1/evidence-packs/:id | x-api-key |
listWebhooks() | GET /api/v1/webhooks | JWT |
createWebhook() | POST /api/v1/webhooks | JWT |
getWebhook() | GET /api/v1/webhooks/:id | JWT |
updateWebhook() | PUT /api/v1/webhooks/:id | JWT |
deleteWebhook() | DELETE /api/v1/webhooks/:id | JWT |
testWebhook() | POST /api/v1/webhooks/:id/test | JWT |
rotateWebhookSecret() | POST /api/v1/webhooks/:id/rotate-secret | JWT |
listWebhookDeliveries() | GET /api/v1/webhooks/:id/deliveries | JWT |
Webhook Management
const adminClient = new MevzuatRadarClient({
jwt: process.env.MEVZUATRADAR_ADMIN_JWT,
});
await adminClient.createWebhook({
url: 'https://grc.example.com/webhooks/mevzuatradar',
events: ['NEW_REGULATION', 'ACTION_DEADLINE_APPROACHING'],
});HMAC Verification
Receiver tarafında imza her zaman raw request body üzerinden doğrulanır. JSON’u yeniden stringify etmek imzayı geçersiz kılar.
import { verifyWebhookSignature } from '@mevzuat-radar/sdk';
const valid = verifyWebhookSignature({
payload: rawBodyBuffer,
secret: process.env.MEVZUATRADAR_WEBHOOK_SECRET,
signature: request.headers['x-webhook-signature'],
});
if (!valid) {
response.writeHead(401).end('invalid signature');
}Error Handling
import { MevzuatRadarApiError } from '@mevzuat-radar/sdk';
try {
await client.listChanges({ sourceCode: 'BDDK' });
} catch (error) {
if (error instanceof MevzuatRadarApiError) {
console.error(error.status, error.requestId, error.message);
}
throw error;
}