Shields: Badge request: GitHub dependency graph

Thanks for the suggestion. Our data for the GitHub badges comes from their API. I don't think GitHub surface this information via an API endpoint yet, do they?

Yes, you are right.
Unfortunately, their API doesn't seem to have an endpoint to retrieve the dependency graph.

Is there another service that could provide this? For example, we use https://libraries.io/ for bower. Would they have a relevant endpoint?

If the project is a package indexed by libraries.io, the project-dependencies, project-dependents (these are both about other _packages_ that your package depends on, or is dependent on) and the dependent-repositories endpoint (which is about _repositories_ that depend on your package) are all relevant in this problem domain but won't produce the same numbers as the GH dependency graph. See https://github.com/librariesio/libraries.io/issues/2005

This came up again in #1858, where @sindresorhus pointed out there is a GraphQL endpoint for the dependency graph: https://developer.github.com/changes/2018-04-24-preview-dependency-graph-and-vulnerability-hooks/

However:

That endpoint doesn't seem to provide access to the dependents number, only the dependencies number.

IIRC scraping github violates their ToS so I'm not sure the best way forward here.

As @chris48s points out above, Libraries.io has a different number available, but it doesn't match Github. I added a badge for that in #1895.

If anyone is interested in working on this, there is now a GithubAuthV4Service base class for working with the Github GraphQL API. https://github.com/badges/shields/blob/master/services/github/github-forks.service.js is an example of another bad that uses it.