Data source: npm, PyPI, crates.io, OSV.dev
Overview
Package Registry wraps npm, PyPI, crates.io, OSV.dev, handling authentication, pagination, and rate limits for you. This tutorial covers all 7 tools with working code examples you can copy and run.
Prerequisites
- Sign up at https://context.gnist.ai/signup for a free API key (100 calls/day).
- Choose your integration method: MCP protocol or REST API.
Connect via MCP
Add to your MCP client config (Claude Desktop, Cursor, etc.):
{
"mcpServers": {
"gnist-package-registry": {
"url": "https://context.gnist.ai/mcp/package-registry/",
"headers": {
"Gnist-API-Key": "YOUR_API_KEY"
}
}
}
}
Tools (7)
get_package
Get metadata for a package — latest version, description, license, maintainers. Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. name: Package name (e.g. 'express', 'requests', 'tokio'). Returns: Package metadata including version, description, license, homepage, repository URL, maintainers, and keywords.
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
name | string | required | Package name (e.g. 'express', 'requests', 'tokio'). |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_package", "arguments": {"ecosystem": "example", "name": "'express'"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'name': "'express'"},
'name': 'get_package'}},
)
print(resp.json())
get_package_versions
Get full release history for a package with publish timestamps. Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. name: Package name. Returns: Dictionary with count and versions list (version string + published_at timestamp).
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
name | string | required | Package name. |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_package_versions", "arguments": {"ecosystem": "example", "name": "example"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'name': 'example'},
'name': 'get_package_versions'}},
)
print(resp.json())
get_download_stats
Get download statistics for a package. Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. name: Package name. period: Time period — 'last-week' or 'last-month' (npm and PyPI). crates.io always returns recent 90-day downloads. Returns: Dictionary with ecosystem, name, period, and download count.
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
name | string | required | Package name. |
period | string | optional | Time period — 'last-week' or 'last-month' (npm and PyPI). crates.io always returns recent 90-day downloads. (default: last-week) |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_download_stats", "arguments": {"ecosystem": "example", "name": "example"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'name': 'example'},
'name': 'get_download_stats'}},
)
print(resp.json())
get_dependencies
Get direct dependencies for a package version. Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. name: Package name. version: Specific version string. If omitted, uses the latest release. Returns: Dictionary with count and dependencies list (name, version_req, kind). For crates, kind may be 'normal', 'dev', or 'build'.
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
name | string | required | Package name. |
version | any | optional | Specific version string. If omitted, uses the latest release. |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_dependencies", "arguments": {"ecosystem": "example", "name": "example"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'name': 'example'},
'name': 'get_dependencies'}},
)
print(resp.json())
get_vulnerabilities
Get known vulnerabilities for a package via OSV.dev (covers npm, PyPI, crates.io). Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. name: Package name. version: Specific version to check. If omitted, returns all known vulns for the package. Returns: Dictionary with count and vulnerabilities list (OSV ID, summary, severity, aliases like CVE numbers, affected version ranges, references, published/modified dates).
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
name | string | required | Package name. |
version | any | optional | Specific version to check. If omitted, returns all known vulns for the package. |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "get_vulnerabilities", "arguments": {"ecosystem": "example", "name": "example"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'name': 'example'},
'name': 'get_vulnerabilities'}},
)
print(resp.json())
search_packages
Search for packages by keyword across npm, PyPI, or crates.io. Args: ecosystem: Package ecosystem: 'npm', 'pypi', or 'crates'. query: Search keywords (e.g. 'http client async', 'date parsing'). limit: Maximum results (1–50, default 20). Returns: Dictionary with count and packages list (name, version, description, downloads where available).
| Parameter | Type | Required | Description |
|---|---|---|---|
ecosystem | string | required | Package ecosystem: 'npm', 'pypi', or 'crates'. |
query | string | required | Search keywords (e.g. 'http client async', 'date parsing'). |
limit | integer | optional | Maximum results (1–50, default 20). (default: 20) |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "search_packages", "arguments": {"ecosystem": "example", "query": "'http"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'ecosystem': 'example', 'query': "'http"},
'name': 'search_packages'}},
)
print(resp.json())
report_feedback
Report a bug, feature request, or general feedback for this data source. Use this when something doesn't work as expected, when you'd like a new feature, or when you have suggestions for improvement. Args: feedback: Describe the issue or suggestion. feedback_type: One of 'bug', 'feature_request', or 'general'.
| Parameter | Type | Required | Description |
|---|---|---|---|
feedback | string | required | |
feedback_type | string | optional | (default: general) |
curl -X POST "https://context.gnist.ai/mcp/package-registry/" \
-H "Content-Type: application/json" \
-H "Gnist-API-Key: YOUR_API_KEY" \
-d '{"jsonrpc": "2.0", "method": "tools/call", "id": 1, "params": {"name": "report_feedback", "arguments": {"feedback": "example"}}}'
import httpx
resp = httpx.post(
"https://context.gnist.ai/mcp/package-registry/",
headers={"Gnist-API-Key": "YOUR_API_KEY"},
json={'id': 1,
'jsonrpc': '2.0',
'method': 'tools/call',
'params': {'arguments': {'feedback': 'example'}, 'name': 'report_feedback'}},
)
print(resp.json())
Common Patterns
Use
search_packages to find items, then get_package to get full details. This two-step pattern is common for exploring data before drilling down.Several tools support
limit, offset, or page parameters. Start with small limits during development, then increase for production queries.FAQ
What data does Package Registry provide?
Package metadata and vulnerability data from npm, PyPI, crates.io, and OSV. It exposes 7 tools: get_package, get_package_versions, get_download_stats, get_dependencies, get_vulnerabilities, search_packages, report_feedback.
What do I need to get started?
A Gnist API key (free tier: 100 calls/day). Sign up at https://context.gnist.ai/signup.
What format does the Package Registry API return?
JSON, via either MCP protocol (JSON-RPC 2.0) or REST API.