{"id":7748051,"name":"StartAutomating/RoughDraft","ecosystem":"actions","description":"A PowerShell Module for Multimedia.","homepage":"https://roughdraft.start-automating.com","licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/StartAutomating/RoughDraft","keywords_array":["ffmpeg","ffmpeg-wrapper","multimedia","multimedia-library","powershell","powershell-module"],"namespace":"StartAutomating","versions_count":25,"first_release_published_at":"2021-12-01T03:08:25.000Z","latest_release_published_at":"2026-05-15T21:53:56.000Z","latest_release_number":"v0.4.3","last_synced_at":"2026-05-16T16:03:33.499Z","created_at":"2023-05-17T11:38:17.928Z","updated_at":"2026-05-16T16:03:33.500Z","registry_url":"https://github.com/StartAutomating/RoughDraft","install_command":null,"documentation_url":null,"metadata":{"name":"MakeRoughDraft","description":"A PowerShell Module for Multimedia.","inputs":{"RoughDraftScript":{"required":false,"description":"A PowerShell Script that uses RoughDraft.  \nAny files outputted from the script will be added to the repository.\nIf those files have a .Message attached to them, they will be committed with that message.\n"},"SkipRoughDraftPS1":{"required":false,"description":"If set, will not process any files named *.RoughDraft.ps1"},"InstallModule":{"required":false,"description":"A list of modules to be installed from the PowerShell gallery before scripts run."},"FFMpegInstallArgument":{"required":false,"description":"A list of installation arguments."},"CommitMessage":{"required":false,"description":"If provided, will commit any remaining changes made to the workspace with this commit message."},"UserEmail":{"required":false,"description":"The user email associated with a git commit."},"UserName":{"required":false,"description":"The user name associated with a git commit."}},"branding":{"icon":"film","color":"blue"},"outputs":{"RoughDraftScriptRuntime":{"description":"The time it took the .RoughDraftScript parameter to run","value":"${{steps.RoughDraftAction.outputs.RoughDraftScriptRuntime}}"},"RoughDraftPS1Runtime":{"description":"The time it took all .RoughDraft.ps1 files to run","value":"${{steps.RoughDraftAction.outputs.RoughDraftPS1Runtime}}"},"RoughDraftPS1Files":{"description":"The .RoughDraft.ps1 files that were run (separated by semicolons)","value":"${{steps.RoughDraftAction.outputs.RoughDraftPS1Files}}"},"RoughDraftPS1Count":{"description":"The number of .RoughDraft.ps1 files that were run","value":"${{steps.RoughDraftAction.outputs.RoughDraftPS1Count}}"}},"runs":{"using":"composite","steps":[{"name":"RoughDraftAction","id":"RoughDraftAction","shell":"pwsh","env":{"FFMpegInstallArgument":"${{inputs.FFMpegInstallArgument}}","CommitMessage":"${{inputs.CommitMessage}}","RoughDraftScript":"${{inputs.RoughDraftScript}}","UserName":"${{inputs.UserName}}","UserEmail":"${{inputs.UserEmail}}","SkipRoughDraftPS1":"${{inputs.SkipRoughDraftPS1}}","InstallModule":"${{inputs.InstallModule}}"},"run":"$Parameters = @{}\n$Parameters.RoughDraftScript = ${env:RoughDraftScript}\n$Parameters.SkipRoughDraftPS1 = ${env:SkipRoughDraftPS1}\n$Parameters.SkipRoughDraftPS1 = $parameters.SkipRoughDraftPS1 -match 'true';\n$Parameters.InstallModule = ${env:InstallModule}\n$Parameters.InstallModule = $parameters.InstallModule -split ';' -replace '^[''\"]' -replace  '[''\"]$'\n$Parameters.FFMpegInstallArgument = ${env:FFMpegInstallArgument}\n$Parameters.FFMpegInstallArgument = $parameters.FFMpegInstallArgument -split ';' -replace '^[''\"]' -replace  '[''\"]$'\n$Parameters.CommitMessage = ${env:CommitMessage}\n$Parameters.UserEmail = ${env:UserEmail}\n$Parameters.UserName = ${env:UserName}\nforeach ($k in @($parameters.Keys)) {\n    if ([String]::IsNullOrEmpty($parameters[$k])) {\n        $parameters.Remove($k)\n    }\n}\nWrite-Host \"::debug:: RoughDraftAction $(@(foreach ($p in $Parameters.GetEnumerator()) {'-' + $p.Key + ' ' + $p.Value}) -join ' ')\"\n\u0026 {\u003c#\n.Synopsis\n    GitHub Action for RoughDraft\n.Description\n    GitHub Action for RoughDraft.  This will:\n\n    * Run all *.RoughDraft.ps1 files beneath the workflow directory\n    * Run a .RoughDraftScript parameter.\n\n    Any files changed can be outputted by the script, and those changes can be checked back into the repo.\n    Make sure to use the \"persistCredentials\" option with checkout.\n#\u003e\n\nparam(\n# A PowerShell Script that uses RoughDraft.  \n# Any files outputted from the script will be added to the repository.\n# If those files have a .Message attached to them, they will be committed with that message.\n[string]\n$RoughDraftScript,\n\n# If set, will not process any files named *.RoughDraft.ps1\n[switch]\n$SkipRoughDraftPS1,\n\n# A list of modules to be installed from the PowerShell gallery before scripts run.\n[string[]]\n$InstallModule = @(\"ugit\"),\n\n# A list of installation arguments.\n[string[]]\n$FFMpegInstallArgument,\n\n# If provided, will commit any remaining changes made to the workspace with this commit message.\n[string]\n$CommitMessage,\n\n# The user email associated with a git commit.\n[string]\n$UserEmail,\n\n# The user name associated with a git commit.\n[string]\n$UserName\n)\n\nif (-not $env:GITHUB_WORKSPACE) { throw \"No GitHub workspace\" }\n$anyFilesChanged = $false\n$moduleName = 'RoughDraft'\n$actorInfo = $null\n\n\"::group::Parameters\" | Out-Host\n[PSCustomObject]$PSBoundParameters | Format-List | Out-Host\n\"::endgroup::\" | Out-Host\n\nfunction ImportActionModule {\n    #region -InstallModule\n    if ($InstallModule) {\n        \"::group::Installing Modules\" | Out-Host\n        foreach ($moduleToInstall in $InstallModule) {\n            $moduleInWorkspace = Get-ChildItem -Path $env:GITHUB_WORKSPACE -Recurse -File |\n                Where-Object Name -eq \"$($moduleToInstall).psd1\" |\n                Where-Object { \n                    $(Get-Content $_.FullName -Raw) -match 'ModuleVersion'\n                }\n            if (-not $moduleInWorkspace) {\n                Install-Module $moduleToInstall -Scope CurrentUser -Force\n                Import-Module $moduleToInstall -Force -PassThru | Out-Host\n            }\n        }\n        \"::endgroup::\" | Out-Host\n    }\n    #endregion -InstallModule\n\n    if ($env:GITHUB_ACTION_PATH) {\n        $LocalModulePath = Join-Path $env:GITHUB_ACTION_PATH \"$moduleName.psd1\"\n        if (Test-path $LocalModulePath) {\n            Import-Module $LocalModulePath -Force -PassThru | Out-String\n        } else {\n            throw \"Module '$moduleName' not found\"\n        }\n    } elseif (-not (Get-Module $moduleName)) {    \n        throw \"Module '$ModuleName' not found\"\n    }\n\n    \"::notice title=ModuleLoaded::$ModuleName Loaded from Path - $($LocalModulePath)\" | Out-Host\n    if ($env:GITHUB_STEP_SUMMARY) {\n        \"# $($moduleName)\" |\n            Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n    }\n}\nfunction InitializeAction {\n    #region Custom \n    if ($PSVersionTable.Platform -eq 'Unix') {\n        $ffMpegInPath =  $ExecutionContext.SessionState.InvokeCommand.GetCommand('ffmpeg', 'Application')\n        if (-not $ffMpegInPath -and $env:GITHUB_WORKFLOW) {\n            \"::group::Installing FFMpeg\" | Out-Host\n            sudo apt update | Out-Host\n            sudo apt install ffmpeg @FFMpegInstallArgument | Out-Host\n            \"::endgroup::\" | Out-Host\n        }\n    }\n    #endregion Custom\n\n    # Configure git based on the $env:GITHUB_ACTOR\n    if (-not $UserName) { $UserName = $env:GITHUB_ACTOR }\n    if (-not $actorID)  { $actorID = $env:GITHUB_ACTOR_ID }\n    $actorInfo = Invoke-RestMethod -Uri \"https://api.github.com/user/$actorID\"\n    if (-not $UserEmail) { $UserEmail = \"$UserName@noreply.github.com\" }\n    git config --global user.email $UserEmail\n    git config --global user.name  $actorInfo.name\n\n    # Pull down any changes\n    git pull | Out-Host\n}\n\nfunction InvokeActionModule {\n    $myScriptStart = [DateTime]::Now\n    $myScript = $ExecutionContext.SessionState.PSVariable.Get(\"${ModuleName}Script\").Value\n    if ($myScript) {\n        Invoke-Expression -Command $myScript |\n            . ProcessOutput |\n            Out-Host\n    }\n    $myScriptTook = [Datetime]::Now - $myScriptStart\n    $MyScriptFilesStart = [DateTime]::Now\n\n    $myScriptList  = @()\n    $shouldSkip = $ExecutionContext.SessionState.PSVariable.Get(\"Skip${ModuleName}PS1\").Value\n    if (-not $shouldSkip) {\n        Get-ChildItem -Recurse -Path $env:GITHUB_WORKSPACE |\n            Where-Object Name -Match \"\\.$($moduleName)\\.ps1$\" |            \n            ForEach-Object -Begin {\n                if ($env:GITHUB_STEP_SUMMARY) {\n                    \"## $ModuleName Scripts\" |\n                        Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n                } \n            } -Process {\n                $myScriptList += $_.FullName.Replace($env:GITHUB_WORKSPACE, '').TrimStart('/')\n                $myScriptCount++\n                $scriptFile = $_\n                if ($env:GITHUB_STEP_SUMMARY) {\n                    \"### $($scriptFile.Fullname)\" |\n                        Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n                }            \n                $scriptFileOutputs = . $scriptFile.FullName\n                if ($env:GITHUB_STEP_SUMMARY) {\n                    \"$(@($scriptFileOutputs).Length) Outputs\" |                    \n                        Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n                    \"$(@($scriptFileOutputs).Length) Outputs\" | Out-Host\n                }\n                $scriptFileOutputs |\n                    . ProcessOutput  | \n                    Out-Host\n            }\n    }\n    \n    $MyScriptFilesTook = [Datetime]::Now - $MyScriptFilesStart\n    $SummaryOfMyScripts = \"$myScriptCount $moduleName scripts took $($MyScriptFilesTook.TotalSeconds) seconds\" \n    $SummaryOfMyScripts | \n        Out-Host\n    if ($env:GITHUB_STEP_SUMMARY) {\n        $SummaryOfMyScripts | \n            Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n    }\n}\n\nfunction PushActionOutput {\n    if ($CommitMessage -or $anyFilesChanged) {\n        if ($CommitMessage) {\n            Get-ChildItem $env:GITHUB_WORKSPACE -Recurse |\n                ForEach-Object {\n                    $gitStatusOutput = git status $_.Fullname -s\n                    if ($gitStatusOutput) {\n                        git add $_.Fullname\n                    }\n                }\n    \n            git commit -m $ExecutionContext.SessionState.InvokeCommand.ExpandString($CommitMessage)\n        }\n    \n        $checkDetached = git symbolic-ref -q HEAD\n        if (-not $LASTEXITCODE) {\n            \"::notice::Pushing Changes\" | Out-Host\n            git push\n            \"Git Push Output: $($gitPushed  | Out-String)\"\n        } else {\n            \"::notice::Not pushing changes (on detached head)\" | Out-Host\n            $LASTEXITCODE = 0\n            exit 0\n        }\n    }\n}\n\nfilter ProcessOutput {\n    $out = $_\n    $outItem = Get-Item -Path $out -ErrorAction Ignore\n    if (-not $outItem -and $out -is [string]) {\n        $out | Out-Host\n        if ($env:GITHUB_STEP_SUMMARY) {\n            \"\u003e $out\" | Out-File -Append -FilePath $env:GITHUB_STEP_SUMMARY\n        }\n        return\n    }\n    $fullName, $shouldCommit = \n        if ($out -is [IO.FileInfo]) {\n            $out.FullName, (git status $out.Fullname -s)\n        } elseif ($outItem) {\n            $outItem.FullName, (git status $outItem.Fullname -s)\n        }\n    if ($shouldCommit) {\n        git add $fullName\n        if ($out.Message) {\n            git commit -m \"$($out.Message)\" | Out-Host\n        } elseif ($out.CommitMessage) {\n            git commit -m \"$($out.CommitMessage)\" | Out-Host\n        }  elseif ($gitHubEvent.head_commit.message) {\n            git commit -m \"$($gitHubEvent.head_commit.message)\" | Out-Host\n        }\n        $anyFilesChanged = $true\n    }    \n    $out\n}\n\n\n. ImportActionModule\n. InitializeAction\n. InvokeActionModule\n. PushActionOutput\n} @Parameters\n"}]},"default_branch":"main","path":null},"repo_metadata":{"id":39712710,"uuid":"432962149","full_name":"StartAutomating/RoughDraft","owner":"StartAutomating","description":"A Fun PowerShell Module for Multimedia (using FFMpeg)","archived":false,"fork":false,"pushed_at":"2025-07-19T02:22:52.000Z","size":18804,"stargazers_count":34,"open_issues_count":51,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-09-04T04:45:54.006Z","etag":null,"topics":["ffmpeg","ffmpeg-wrapper","multimedia","multimedia-library","powershell","powershell-module"],"latest_commit_sha":null,"homepage":"https://roughdraft.start-automating.com","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/StartAutomating.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["StartAutomating"]}},"created_at":"2021-11-29T08:33:30.000Z","updated_at":"2025-07-19T02:22:56.000Z","dependencies_parsed_at":"2024-01-27T23:24:19.185Z","dependency_job_id":"f5d747b4-a4f4-42f0-9879-1105903cd1b2","html_url":"https://github.com/StartAutomating/RoughDraft","commit_stats":null,"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"purl":"pkg:github/StartAutomating/RoughDraft","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StartAutomating%2FRoughDraft","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StartAutomating%2FRoughDraft/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StartAutomating%2FRoughDraft/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StartAutomating%2FRoughDraft/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StartAutomating","download_url":"https://codeload.github.com/StartAutomating/RoughDraft/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StartAutomating%2FRoughDraft/sbom","scorecard":{"id":133879,"data":{"date":"2025-08-04","repo":{"name":"github.com/StartAutomating/RoughDraft","commit":"a101e4f94a8e986a0445799b303732d44a1a7784"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":5.2,"checks":[{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/9 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/OnIssue.yml:1","Warn: no topLevel permission defined: .github/workflows/TestAndPublish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/OnIssue.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/OnIssue.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/OnIssue.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/OnIssue.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:575: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:577: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:581: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:588: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:590: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:592: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:594: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:596: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:604: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:610: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:616: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/TestAndPublish.yml:624: update your workflow using https://app.stepsecurity.io/secureworkflow/StartAutomating/RoughDraft/TestAndPublish.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2: pin your Docker image by updating kalilinux/kali-rolling to kalilinux/kali-rolling@sha256:3a903fbf0d61067d5e7cc0f335faa7de27c6fd2fb8d592dc6d77a3fb85184cca","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  12 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/TestAndPublish.yml:570"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 23 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-16T05:52:49.900Z","repository_id":39712710,"created_at":"2025-08-16T05:52:49.906Z","updated_at":"2025-08-16T05:52:49.906Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278526190,"owners_count":26001327,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-05T02:00:06.059Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"StartAutomating","name":"James Brundage","uuid":"1043665","kind":"user","description":"Microsoft MVP in Azure / PowerShell","email":"","website":"https://startautomating.com/","location":"Seattle, WA","twitter":"jamesbru","company":"Start-Automating","icon_url":"https://avatars.githubusercontent.com/u/1043665?u=b41e97d22588b62d84e4c23da451c7cc93303a39\u0026v=4","repositories_count":66,"last_synced_at":"2025-09-26T19:32:37.539Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/StartAutomating","funding_links":["https://github.com/sponsors/StartAutomating"],"total_stars":1292,"followers":512,"following":54,"created_at":"2022-11-08T04:14:46.274Z","updated_at":"2025-09-26T19:32:37.539Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StartAutomating","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StartAutomating/repositories"},"tags":[]},"repo_metadata_updated_at":"2025-10-05T22:14:32.459Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":1,"rankings":{"downloads":null,"dependent_repos_count":24.750435747108224,"dependent_packages_count":0.0,"stargazers_count":7.146252574869276,"forks_count":21.68277610521312,"docker_downloads_count":null,"average":13.394866106797654},"purl":"pkg:githubactions/StartAutomating/RoughDraft","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/StartAutomating/RoughDraft","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/actions/StartAutomating/RoughDraft","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/StartAutomating/RoughDraft/dependencies","status":null,"funding_links":["https://github.com/sponsors/StartAutomating"],"critical":null,"issue_metadata":{"last_synced_at":"2025-08-31T11:16:53.158Z","issues_count":204,"pull_requests_count":20,"avg_time_to_close_issue":17735385.41221374,"avg_time_to_close_pull_request":22850.95,"issues_closed_count":131,"pull_requests_closed_count":20,"pull_request_authors_count":1,"issue_authors_count":5,"avg_comments_per_issue":0.0392156862745098,"avg_comments_per_pull_request":0.0,"merged_pull_requests_count":20,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":35,"past_year_pull_requests_count":2,"past_year_avg_time_to_close_issue":18055069.57142857,"past_year_avg_time_to_close_pull_request":690.5,"past_year_issues_closed_count":14,"past_year_pull_requests_closed_count":2,"past_year_pull_request_authors_count":1,"past_year_issue_authors_count":3,"past_year_avg_comments_per_issue":0.02857142857142857,"past_year_avg_comments_per_pull_request":0.0,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":2,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/startautomating%2Froughdraft/issues","maintainers":[{"login":"StartAutomating","count":215,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/StartAutomating"}],"active_maintainers":[{"login":"StartAutomating","count":22,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/StartAutomating"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/StartAutomating%2FRoughDraft/codemeta","maintainers":[]}