amcalabretta / botbase Goto Github PK

A framework where to run bot trading cryptocurrencies across multiple exchanges

Home Page: https://amcalabretta.github.io/botbase/

License: MIT License

JavaScript 100.00%

crypto coinbase bot patterns trading-bot cryptocurrency algorithmic-trading freqtrade freqtrade-strategies cryptotrading

botbase's People

Contributors

Stargazers

Watchers

Forkers

benwaldner

botbase's Issues

it should be possible to place orders and monitor them

The main thread shall be responsible for placing real orders, additionally, it should be possible to run botbase in 'SYM' mode e.g. orders shall be not placed.

Bot base should also be able to check the status of each order and update the buckets accordingly.

A CI should be done

Github Ci should be integrated in regards to the following aspects:

Unit tests
Linting

A logging framework shall be used

Ideally, logging should be done, main reqs:

Each strategy should log to its own file.
If the same strategy is used with different configurations, different files should be used.
The main thread shall log on its own.
The directory where to store the files should be passed as an env variable, if the variable is not there, the process should not start.

add cognitive measuring to the npm scripts

https://www.npmjs.com/package/cognitive-complexity-ts

(it's already in the package.json)

move to multiprocess from workers

Multiprocess might be a better way to manage the strategies (especially considering that each strategy might make use of expensive frameworks like ML / AI etc...

see https://betterprogramming.pub/scaling-node-js-applications-with-multiprocessing-b0c25511832a for an example or move to cluster (https://nodejs.org/docs/latest/api/cluster.html#cluster) node native way to run multiple processes rather than threads (i.e. workers)

communication might be done via the pub/sub pattern (https://www.npmjs.com/package/cluster-pubsub)

Create a strategy based on the olhc candles based on multiple linear regression

package here:

https://www.npmjs.com/package/ml-regression-multivariate-linear

can be applied to 1s, 5s etc..

Fix codacy issues

As reported in https://app.codacy.com/gh/amcalabretta/botbase/dashboard?branch=master there are issues in terms of codequality

collect and log gc runs

Use github actions / final set of external tools for badges

GitHub Actions:

Linting (eslint)
Unit testing (fail if below x%)

External tools:

Sonarcloud
Codecov

npm audit found vulnerabilities

=== npm audit security report ===                        
                                                                                
┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.11                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ deps-ok [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ deps-ok > lodash                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/782                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.12                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ deps-ok [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ deps-ok > lodash                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1065                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.19                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ deps-ok [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ deps-ok > lodash                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1523                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Command Injection                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ lodash                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=4.17.21                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ deps-ok [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ deps-ok > lodash                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1673                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ minimist                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ deps-ok [dev]                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ deps-ok > minimist                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1179                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 5 vulnerabilities (2 low, 3 high) in 490 scanned packages
  5 vulnerabilities require manual review. See the full report for details.

npm audit found vulnerabilities

# npm audit report

@sideway/formula  3.0.0
Severity: moderate
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability - https://github.com/advisories/GHSA-c2jc-4fpr-4vhg
fix available via `npm audit fix`
node_modules/@sideway/formula

http-cache-semantics  <4.1.1
Severity: high
http-cache-semantics vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-rc47-6667-2j5j
fix available via `npm audit fix`
node_modules/http-cache-semantics

json5  <1.0.2 || >=2.0.0 <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
fix available via `npm audit fix`
node_modules/json5
node_modules/tsconfig-paths/node_modules/json5

request  *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
No fix available
node_modules/request
  coinbase-pro  *
  Depends on vulnerable versions of request
  node_modules/coinbase-pro

vm2  <=3.9.15
Severity: critical
vm2 vulnerable to sandbox escape - https://github.com/advisories/GHSA-7jxr-cg7f-gpgv
vm2 Sandbox Escape vulnerability - https://github.com/advisories/GHSA-xj72-wvfv-8985
fix available via `npm audit fix`
node_modules/vm2

6 vulnerabilities (3 moderate, 2 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Load strategies to be executed from the main yaml file

Currently the strategies to be ran live in the all_strategies file, it would be more handy to load them from the yaml file.

Add badges

Add badges:

Linting
nvm minimal
some other stuff that might come to mind

Add linter

Add linting step

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.