The Emmy API is a backend data service that connects to federal and commercial data sources to facilitate eligibility determination for state agencies.
The Emmy API is a part of a suite of open-source tools developed by the Centers for Medicare & Medicaid Services (CMS). Emmy supports states in implementing the new Medicaid eligibility and renewal community engagement requirements under the Working Families Tax Cut legislation.
Emmy's suite of tools does not replace a state's existing eligibility system — rather, it offers streamlined, efficient ways to help states implement the new community engagement requirements.
Repository contact channels and observable contributor information are listed in COMMUNITY.md.
This project uses pre-commit to register git hooks that run our various linters. You can install pre-commit and then run:
pre-commit installFor OpenAPI spec maintenance, the repo also includes utility scripts under
scripts/:
# 1. Rebuild the bundled YAML and JSON artifacts from the design-time source spec
./scripts/bundle-api-spec
# 2. Validate the bundled YAML artifact
./scripts/validate-api-spec
# 3. Lint the bundled YAML artifact with the repo Spectral ruleset
./scripts/lint-api-spec
# 4. Lint hand-authored YAML files
./scripts/lint-yaml-files
# 5. Check formatting for contract YAML and JSON files
./scripts/check-format-contract-files
# 6. Compile standalone JSON Schemas
./scripts/check-json-schemas
# 7. Check for breaking OpenAPI changes against a base ref
./scripts/check-openapi-breaking [base-ref]If you use mise, install the pinned runtimes from
mise.toml and run:
# Install the pinned Go and Node runtimes for this repo
mise install
# Run the full local contract/spec workflow
mise run check-contract-filesYou can also run each step individually with mise run bundle-api-spec,
mise run validate-api-spec, mise run lint-api-spec,
mise run lint-yaml-files, mise run check-format-contract-files,
mise run check-json-schemas, and mise run check-openapi-breaking.
We adhere to the CMS Open Source Policy. If you have any questions, just shoot us an email.
Submit a vulnerability: Vulnerability reports can be submitted through Bugcrowd. Reports may be submitted anonymously. If you share contact information, we will acknowledge receipt of your report within 3 business days.
For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see SECURITY.md.
A Software Bill of Materials (SBOM) is a formal record containing the details and supply chain relationships of various components used in building software.
In the spirit of Executive Order 14028 - Improving the Nation's Cyber Security, the current dependency graph for this repository is available at: https://github.com/CMSgov/emmy-api/network/dependencies
For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom.
This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication as indicated in LICENSE.
All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest.