{"id":12128091,"name":"github.com/scality/s3","ecosystem":"go","description":"","homepage":"https://github.com/scality/s3","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/scality/s3","keywords_array":[],"namespace":"github.com/scality","versions_count":0,"first_release_published_at":null,"latest_release_published_at":"2026-01-19T03:23:14.434Z","latest_release_number":null,"last_synced_at":"2026-05-13T04:32:08.907Z","created_at":"2025-09-23T09:56:14.895Z","updated_at":"2026-05-13T04:32:08.907Z","registry_url":"https://pkg.go.dev/github.com/scality/s3","install_command":"go get github.com/scality/s3","documentation_url":"https://pkg.go.dev/github.com/scality/s3#section-documentation","metadata":{},"repo_metadata":{"id":37398571,"uuid":"60165924","full_name":"scality/cloudserver","owner":"scality","description":"Zenko CloudServer, an open-source Node.js implementation of the Amazon S3 protocol on the front-end and backend storage capabilities to multiple clouds, including Azure and Google.","archived":false,"fork":false,"pushed_at":"2025-09-17T14:54:01.000Z","size":59418,"stargazers_count":1830,"open_issues_count":96,"forks_count":249,"subscribers_count":82,"default_branch":"development/9.1","last_synced_at":"2025-09-17T15:26:58.131Z","etag":null,"topics":["artesca","aws-s3","cloud","cloud-native","cloud-storage","docker","javascript","multiple-backends","nodejs","object-storage","s3-storage","storage","zenko"],"latest_commit_sha":null,"homepage":"https://www.zenko.io/cloudserver","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scality.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2016-06-01T09:58:56.000Z","updated_at":"2025-09-17T08:13:28.000Z","dependencies_parsed_at":"2023-12-18T16:59:51.317Z","dependency_job_id":"b62dbb10-4125-4bd7-a7b9-d9f5db402cca","html_url":"https://github.com/scality/cloudserver","commit_stats":{"total_commits":2980,"total_committers":85,"mean_commits":35.05882352941177,"dds":0.875503355704698,"last_synced_commit":"20d0b38d0b4f5ffea5795a0948607d97f9d2eb1c"},"previous_names":["scality/s3"],"tags_count":902,"template":false,"template_full_name":null,"purl":"pkg:github/scality/cloudserver","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scality","download_url":"https://codeload.github.com/scality/cloudserver/tar.gz/refs/heads/development/9.1","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/sbom","scorecard":{"id":488792,"data":{"date":"2025-08-11","repo":{"name":"github.com/scality/cloudserver","commit":"15ac4c656a4312d7a31bc22bd8d91895e47df812"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5,"checks":[{"name":"Code-Review","score":6,"reason":"Found 10/16 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/tests.yaml:160","Warn: no topLevel permission defined: .github/workflows/alerts.yaml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yaml:1","Warn: no topLevel permission defined: .github/workflows/dependency-review.yaml:1","Warn: no topLevel permission defined: .github/workflows/release.yaml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/tests.yaml:74","Warn: topLevel 'packages' permission set to 'write': .github/workflows/tests.yaml:75","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":1,"reason":"branch protection is not maximal on development and all release branches","details":["Warn: 'allow deletion' enabled on branch 'development/9.0'","Info: 'force pushes' disabled on branch 'development/9.0'","Info: required approving review count is 2 on branch 'development/9.0'","Warn: codeowners review is not required on branch 'development/9.0'","Warn: no status checks found to merge onto branch 'development/9.0'","Info: PRs are required in order to make changes on branch 'development/9.0'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yaml:16"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \"foo(\" must be followed by ): bin/create_encrypted_bucket.js:0","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: bin/search_bucket.js:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/alerts.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/alerts.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/alerts.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/alerts.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-review.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/dependency-review.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-review.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/dependency-review.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:827: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:828: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:832: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:942: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:242: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:302: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:438: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:467: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:484: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:491: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:542: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:549: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:355: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:376: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:580: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:602: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:609: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:632: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:633: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:671: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:696: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:698: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:705: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:756: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:763: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: containerImage not pinned by hash: .github/ceph/Dockerfile:1: pin your Docker image by updating ceph/daemon:v3.2.1-stable-3.2-mimic-centos-7 to ceph/daemon:v3.2.1-stable-3.2-mimic-centos-7@sha256:cd5a71bce6c83a8eeab5ea0ad261aece73bb43327410ea952290bb3cbb13c4bb","Warn: containerImage not pinned by hash: .github/docker/mongodb/Dockerfile:1: pin your Docker image by updating mongo:5.0.21 to mongo:5.0.21@sha256:7c81758cb2950b7e26bea6c9f1e0ce0da0cdc2fde040c70cfef4d957ccf23c52","Warn: containerImage not pinned by hash: .github/docker/sproxyd/Dockerfile:1","Warn: containerImage not pinned by hash: .github/pykmip/Dockerfile:1: pin your Docker image by updating python:3.10-alpine to python:3.10-alpine@sha256:24cab748bf7bd8e3d2f9bb4e5771f17b628417527a4e1f2c59c370c2a8a27f1c","Warn: containerImage not pinned by hash: Dockerfile:3","Warn: containerImage not pinned by hash: Dockerfile:33","Warn: containerImage not pinned by hash: DockerfileMem:1: pin your Docker image by updating node:6-slim to node:6-slim@sha256:2cdb3951bc2cd934a056b1b1ff2224da2c092f28a6ac73133d76ce72dc54252e","Warn: containerImage not pinned by hash: images/federation/Dockerfile:2","Warn: containerImage not pinned by hash: images/federation/Dockerfile:5","Warn: containerImage not pinned by hash: images/federation/Dockerfile:12","Warn: containerImage not pinned by hash: tests/deps/squid/Dockerfile:1: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10","Warn: pipCommand not pinned by hash: .github/ceph/Dockerfile:19-23","Warn: npmCommand not pinned by hash: Dockerfile:25-27","Warn: pipCommand not pinned by hash: .github/workflows/tests.yaml:98","Info:   0 out of  25 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  37 third-party GitHubAction dependencies pinned","Info:   0 out of  11 containerImage dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 20 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"103 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2021-421 / GHSA-h4m5-qpfp-3mpv","Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: PYSEC-2019-217 / GHSA-462w-v97r-4m45","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: PYSEC-2021-66 / GHSA-g3rq-g295-4j3m","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: PYSEC-2021-140 / GHSA-9w8r-397f-prfh","Warn: Project is vulnerable to: PYSEC-2023-117 / GHSA-mrwq-x4v8-fh7p","Warn: Project is vulnerable to: PYSEC-2021-141 / GHSA-pq64-v7f5-gqh8","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2023-207 / GHSA-gwvm-45gx-3cf8","Warn: Project is vulnerable to: PYSEC-2019-133 / GHSA-mh33-7rrq-662w","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2019-132 / GHSA-r64q-w8jr-g9qp","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2020-148 / GHSA-wqvq-5m8c-6g24","Warn: Project is vulnerable to: PYSEC-2021-108","Warn: Project is vulnerable to: GHSA-c28r-hw5m-5gv3","Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-288c-cq4h-88gq","Warn: Project is vulnerable to: GHSA-4gq5-ch57-c2mg","Warn: Project is vulnerable to: GHSA-4w82-r329-3q67","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-5949-rw7g-wx7w","Warn: Project is vulnerable to: GHSA-5r5r-6hpj-8gg9","Warn: Project is vulnerable to: GHSA-5ww9-j83m-q7qx","Warn: Project is vulnerable to: GHSA-645p-88qh-w398","Warn: Project is vulnerable to: GHSA-6fpp-rgj9-8rwc","Warn: Project is vulnerable to: GHSA-85cw-hj65-qqv9","Warn: Project is vulnerable to: GHSA-89qr-369f-5m5x","Warn: Project is vulnerable to: GHSA-8c4j-34r4-xr8g","Warn: Project is vulnerable to: GHSA-8w26-6f25-cm9x","Warn: Project is vulnerable to: GHSA-9gph-22xh-8x98","Warn: Project is vulnerable to: GHSA-9m6f-7xcq-8vf8","Warn: Project is vulnerable to: GHSA-c8hm-7hpq-7jhg","Warn: Project is vulnerable to: GHSA-cf6r-3wgc-h863","Warn: Project is vulnerable to: GHSA-cggj-fvv3-cqwv","Warn: Project is vulnerable to: GHSA-cjjf-94ff-43w7","Warn: Project is vulnerable to: GHSA-cmfg-87vq-g5g4","Warn: Project is vulnerable to: GHSA-cvm9-fjm9-3572","Warn: Project is vulnerable to: GHSA-f3j5-rmmp-3fc5","Warn: Project is vulnerable to: GHSA-f9xh-2qgp-cq57","Warn: Project is vulnerable to: GHSA-fmmc-742q-jg75","Warn: Project is vulnerable to: GHSA-fqwf-pjwf-7vqv","Warn: Project is vulnerable to: GHSA-gjmw-vf9h-g25v","Warn: Project is vulnerable to: GHSA-gwp4-hfv6-p7hw","Warn: Project is vulnerable to: GHSA-gww7-p5w4-wrfv","Warn: Project is vulnerable to: GHSA-h3cw-g4mq-c5x2","Warn: Project is vulnerable to: GHSA-h592-38cm-4ggp","Warn: Project is vulnerable to: GHSA-h822-r4r5-v8jg","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-m6x4-97wx-4q27","Warn: Project is vulnerable to: GHSA-mph4-vhrx-mv67","Warn: Project is vulnerable to: GHSA-mx7p-6679-8g3q","Warn: Project is vulnerable to: GHSA-p43x-xfjf-5jhr","Warn: Project is vulnerable to: GHSA-q93h-jc49-78gg","Warn: Project is vulnerable to: GHSA-qjw2-hr98-qgfh","Warn: Project is vulnerable to: GHSA-qr7j-h6gg-jmgc","Warn: Project is vulnerable to: GHSA-qxxx-2pp7-5hmx","Warn: Project is vulnerable to: GHSA-r3gr-cxrf-hg25","Warn: Project is vulnerable to: GHSA-r695-7vr9-jgc2","Warn: Project is vulnerable to: GHSA-rfx6-vp9g-rh7v","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-rpr3-cw39-3pxh","Warn: Project is vulnerable to: GHSA-v585-23hc-c647","Warn: Project is vulnerable to: GHSA-vfqx-33qm-g869","Warn: Project is vulnerable to: GHSA-w3f4-3q6j-rh82","Warn: Project is vulnerable to: GHSA-wh8g-3j2c-rqj5","Warn: Project is vulnerable to: GHSA-269g-pwp5-87pp","Warn: Project is vulnerable to: GHSA-7r82-7xv7-xcpj","Warn: Project is vulnerable to: GHSA-264p-99wq-f4j6","Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99","Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p","Warn: Project is vulnerable to: GHSA-wrw9-m778-g6mc","Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q","Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5","Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp","Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq","Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr","Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765","Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T18:31:36.050Z","repository_id":37398571,"created_at":"2025-08-19T18:31:36.050Z","updated_at":"2025-08-19T18:31:36.050Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":276058128,"owners_count":25577875,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-20T02:00:10.207Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"repo_metadata_updated_at":"2025-09-23T15:10:59.453Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":5.513747321421296,"dependent_packages_count":5.166907025820276,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":5.340327173620786},"purl":"pkg:golang/github.com/scality/s3","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/scality/s3","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/scality/s3","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/scality/s3/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-09-20T23:50:30.592Z","issues_count":21,"pull_requests_count":1042,"avg_time_to_close_issue":10507.75,"avg_time_to_close_pull_request":2016388.3468926554,"issues_closed_count":4,"pull_requests_closed_count":885,"pull_request_authors_count":30,"issue_authors_count":21,"avg_comments_per_issue":1.619047619047619,"avg_comments_per_pull_request":4.880038387715931,"merged_pull_requests_count":426,"bot_issues_count":0,"bot_pull_requests_count":370,"past_year_issues_count":5,"past_year_pull_requests_count":343,"past_year_avg_time_to_close_issue":2525.0,"past_year_avg_time_to_close_pull_request":755756.1007751938,"past_year_issues_closed_count":2,"past_year_pull_requests_closed_count":258,"past_year_pull_request_authors_count":18,"past_year_issue_authors_count":5,"past_year_avg_comments_per_issue":1.0,"past_year_avg_comments_per_pull_request":5.309037900874635,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":75,"past_year_merged_pull_requests_count":181,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/issues","maintainers":[],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fscality%2Fs3/codemeta","maintainers":[]}