{"id":3496205,"name":"github.com/google/safebrowsing","ecosystem":"go","description":"Package safebrowsing implements a client for the Safe Browsing API v4.\n\nAPI v4 emphasizes efficient usage of the network for bandwidth-constrained\napplications such as mobile devices. It achieves this by maintaining a small\nportion of the server state locally such that some queries can be answered\nimmediately without any network requests. Thus, fewer API calls made, means\nless bandwidth is used.\n\nAt a high-level, the implementation does the following:\n\nEssentially the query is presented to three major components: The database,\nthe cache, and the API. Each of these may satisfy the query immediately,\nor may say that it does not know and that the query should be satisfied by\nthe next component. The goal of the database and cache is to satisfy as many\nqueries as possible to avoid using the API.\n\nStarting with a user query, a hash of the query is performed to preserve\nprivacy regarded the exact nature of the query. For example, if the query\nwas for a URL, then this would be the SHA256 hash of the URL in question.\n\nGiven a query hash, we first check the local database (which is periodically\nsynced with the global Safe Browsing API servers). This database will either\ntell us that the query is definitely safe, or that it does not have\nenough information.\n\nIf we are unsure about the query, we check the local cache, which can be used\nto satisfy queries immediately if the same query had been made recently.\nThe cache will tell us that the query is either safe, unsafe, or unknown\n(because the it's not in the cache or the entry expired).\n\nIf we are still unsure about the query, then we finally query the API server,\nwhich is guaranteed to return to us an authoritative answer, assuming no\nnetworking failures.\n\nFor more information, see the API developer's guide:","homepage":"https://github.com/google/safebrowsing","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/google/safebrowsing","keywords_array":[],"namespace":"github.com/google","versions_count":1,"first_release_published_at":"2019-06-24T21:18:11.000Z","latest_release_published_at":"2019-06-24T21:18:11.000Z","latest_release_number":"v0.0.0-20190624211811-bbf0d20d26b3","last_synced_at":"2026-04-25T15:31:06.958Z","created_at":"2022-04-10T19:38:31.218Z","updated_at":"2026-04-25T15:31:06.958Z","registry_url":"https://pkg.go.dev/github.com/google/safebrowsing","install_command":"go get github.com/google/safebrowsing","documentation_url":"https://pkg.go.dev/github.com/google/safebrowsing#section-documentation","metadata":{},"repo_metadata":{"id":8677730,"uuid":"58068600","full_name":"google/safebrowsing","owner":"google","description":"Safe Browsing API Go Client","archived":false,"fork":false,"pushed_at":"2024-04-19T09:33:35.000Z","size":8525,"stargazers_count":489,"open_issues_count":23,"forks_count":135,"subscribers_count":50,"default_branch":"master","last_synced_at":"2025-10-02T11:42:23.143Z","etag":null,"topics":["malware","query","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-05-04T16:51:24.000Z","updated_at":"2025-09-10T08:58:11.000Z","dependencies_parsed_at":"2024-04-19T10:44:48.002Z","dependency_job_id":"56ec6a27-119c-4800-828b-84ac34bd1fe6","html_url":"https://github.com/google/safebrowsing","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/google/safebrowsing","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/safebrowsing/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing/sbom","scorecard":{"id":437849,"data":{"date":"2025-08-11","repo":{"name":"github.com/google/safebrowsing","commit":"bbf0d20d26b32d99fd21664677fe31ee9f0f66e3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":8,"reason":"Found 25/30 approved changesets -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/google/.github/SECURITY.md:1","Info: Found linked content: github.com/google/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/google/.github/SECURITY.md:1","Info: Found text in security policy: github.com/google/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":0,"reason":"17 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2020-0015 / GHSA-5rcv-m4m3-hfh7","Warn: Project is vulnerable to: GO-2021-0113 / GHSA-ppp9-7jff-5vj2","Warn: Project is vulnerable to: GO-2022-1059 / GHSA-69ch-w2m2-3vjp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T05:05:08.378Z","repository_id":8677730,"created_at":"2025-08-19T05:05:08.379Z","updated_at":"2025-08-19T05:05:08.379Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278982133,"owners_count":26079797,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-08T02:00:06.501Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"google","name":"Google","uuid":"1342004","kind":"organization","description":"Google ❤️ Open Source","email":"opensource@google.com","website":"https://opensource.google/","location":"United States of America","twitter":"GoogleOSS","company":null,"icon_url":"https://avatars.githubusercontent.com/u/1342004?v=4","repositories_count":2773,"last_synced_at":"2025-08-12T15:55:14.931Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/google","funding_links":[],"total_stars":1967885,"followers":58475,"following":0,"created_at":"2022-11-02T16:20:58.973Z","updated_at":"2025-08-12T15:55:14.931Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google/repositories"},"tags":[]},"repo_metadata_updated_at":"2025-10-19T01:29:46.209Z","dependent_packages_count":52,"downloads":null,"downloads_period":null,"dependent_repos_count":58,"rankings":{"downloads":null,"dependent_repos_count":0.7561385765324747,"dependent_packages_count":0.7204203132816844,"stargazers_count":2.834148219518569,"forks_count":2.3504030544766876,"docker_downloads_count":0.7062690220261859,"average":1.4734758371671204},"purl":"pkg:golang/github.com/google/safebrowsing","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/google/safebrowsing","docker_dependents_count":3,"docker_downloads_count":113667,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/google/safebrowsing","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/google/safebrowsing/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-10-11T20:24:34.105Z","issues_count":65,"pull_requests_count":48,"avg_time_to_close_issue":7786050.837209302,"avg_time_to_close_pull_request":4195860.395348838,"issues_closed_count":43,"pull_requests_closed_count":43,"pull_request_authors_count":22,"issue_authors_count":56,"avg_comments_per_issue":2.8153846153846156,"avg_comments_per_pull_request":2.0625,"merged_pull_requests_count":31,"bot_issues_count":0,"bot_pull_requests_count":6,"past_year_issues_count":1,"past_year_pull_requests_count":0,"past_year_avg_time_to_close_issue":null,"past_year_avg_time_to_close_pull_request":null,"past_year_issues_closed_count":0,"past_year_pull_requests_closed_count":0,"past_year_pull_request_authors_count":0,"past_year_issue_authors_count":1,"past_year_avg_comments_per_issue":0.0,"past_year_avg_comments_per_pull_request":null,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":0,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsafebrowsing/issues","maintainers":[],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgoogle%2Fsafebrowsing/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgoogle%2Fsafebrowsing/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgoogle%2Fsafebrowsing/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgoogle%2Fsafebrowsing/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgoogle%2Fsafebrowsing/codemeta","maintainers":[]}