{"date":"2025-12-28T20:33:51Z","repo":{"name":"github.com/pixie-io/pixie","commit":"a4cdf70c11ec2e1f14316d187e9a94bc72334195"},"scorecard":{"version":"v5.1.1","commit":"cd152cb6742c5b8f2f3d2b5193b41d9c50905198"},"score":8.8,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#code-review"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dependency-update-tool"}},{"name":"Maintained","score":10,"reason":"16 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#security-policy"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'checks' permission set to 'write': .github/workflows/build_and_test.yaml:127","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build_and_test.yaml:125","Info: jobLevel 'actions' permission set to 'read': .github/workflows/build_and_test.yaml:126","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/cli_release.yaml:197","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/cli_release.yaml:166","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/cloud_release.yaml:69","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yaml:15","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:16","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:34","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yaml:33","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yaml:47","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:48","Info: jobLevel 'contents' permission set to 'read': .github/workflows/filename_linter.yaml:13","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/filename_linter.yaml:14","Info: jobLevel 'contents' permission set to 'read': .github/workflows/mirror_demos.yaml:10","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/mirror_demos.yaml:11","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/mirror_deps.yaml:11","Info: jobLevel 'contents' permission set to 'read': .github/workflows/mirror_deps.yaml:10","Info: jobLevel 'contents' permission set to 'read': .github/workflows/mirror_releases.yaml:11","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/mirror_releases.yaml:12","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/operator_release.yaml:87","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/operator_release.yaml:118","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/operator_release.yaml:151","Info: jobLevel 'actions' permission set to 'read': .github/workflows/oss_scorecard.yaml:20","Info: jobLevel 'contents' permission set to 'read': .github/workflows/oss_scorecard.yaml:19","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/perf.yaml:54","Info: jobLevel 'actions' permission set to 'read': .github/workflows/trivy_fs.yaml:21","Info: jobLevel 'contents' permission set to 'read': .github/workflows/trivy_fs.yaml:22","Info: jobLevel 'actions' permission set to 'read': .github/workflows/trivy_images.yaml:26","Info: jobLevel 'contents' permission set to 'read': .github/workflows/trivy_images.yaml:27","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update_script_bundle.yaml:47","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/vizier_release.yaml:158","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/vizier_release.yaml:94","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/vizier_release.yaml:125","Info: topLevel 'contents' permission set to 'read': .github/workflows/build_and_test.yaml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/cacher.yaml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/cli_release.yaml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/cloud_release.yaml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/copybara_px_api.yaml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/filename_linter.yaml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/fossa.yaml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/get_image.yaml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/mirror_demos.yaml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/mirror_deps.yaml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/mirror_releases.yaml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/operator_release.yaml:8","Info: topLevel permissions set to 'read-all': .github/workflows/oss_scorecard.yaml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/perf.yaml:22","Info: topLevel 'contents' permission set to 'read': .github/workflows/perf_common.yaml:28","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_3p_deps.yaml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_description_linter.yaml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_genfiles.yml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_linter.yml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/release_update_docs_px_dev.yaml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/release_update_readme.yaml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/trivy_fs.yaml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/trivy_images.yaml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/update_script_bundle.yaml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/vizier_release.yaml:8"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":7,"reason":"badge detected: Silver","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":9,"reason":"dependency not pinned by hash detected -- score normalized to 9","details":["Warn: containerImage not pinned by hash: src/stirling/testing/demo_apps/go_grpc_tls_pl/server/Dockerfile:48","Warn: containerImage not pinned by hash: src/stirling/testing/demo_apps/go_https/server/Dockerfile:33","Warn: containerImage not pinned by hash: tools/docker/linux_headers_image/Dockerfile:18","Warn: goCommand not pinned by hash: src/stirling/testing/demo_apps/go_grpc_tls_pl/server/Dockerfile:57-60","Info: 103 out of 103 GitHub-owned GitHubAction dependencies pinned","Info:  15 out of  15 third-party GitHubAction dependencies pinned","Info:  21 out of  24 containerImage dependencies pinned","Info:   2 out of   2 pipCommand dependencies pinned","Info:  12 out of  13 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#license"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: GoBuiltInFuzzer integration found: src/vizier/utils/datastore/datastore_test.go:267","Info: GoBuiltInFuzzer integration found: src/vizier/utils/datastore/datastore_test.go:295","Info: GoBuiltInFuzzer integration found: src/vizier/utils/datastore/pebbledb/pebbledb_utils_test.go:56"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: vizier_template_yamls.tar.asc: https://github.com/pixie-io/pixie/releases/tag/release/vizier/v0.14.16-pre-v0.0","Info: signed release artifact: vizier_template_yamls.tar.asc: https://github.com/pixie-io/pixie/releases/tag/release/vizier/v0.14.16-pre-main.0","Info: signed release artifact: vizier_template_yamls.tar.asc: https://github.com/pixie-io/pixie/releases/tag/release/vizier/v0.14.15","Info: signed release artifact: licenses.json.asc: https://github.com/pixie-io/pixie/releases/tag/release/cloud/v0.1.9","Info: signed release artifact: vizier_template_yamls.tar.asc: https://github.com/pixie-io/pixie/releases/tag/release/vizier/v0.14.15-pre-main.0","Warn: release artifact release/vizier/v0.14.16-pre-v0.0 does not have provenance: https://api.github.com/repos/pixie-io/pixie/releases/239492252","Warn: release artifact release/vizier/v0.14.16-pre-main.0 does not have provenance: https://api.github.com/repos/pixie-io/pixie/releases/239124499","Warn: release artifact release/vizier/v0.14.15 does not have provenance: https://api.github.com/repos/pixie-io/pixie/releases/196735847","Warn: release artifact release/cloud/v0.1.9 does not have provenance: https://api.github.com/repos/pixie-io/pixie/releases/196736125","Warn: release artifact release/vizier/v0.14.15-pre-main.0 does not have provenance: https://api.github.com/repos/pixie-io/pixie/releases/196721617"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#branch-protection"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"142 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-230 / GHSA-248v-346w-9cwc","Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-2xpw-w6gg-jr37","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: GHSA-gm62-xv2j-4w53","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: GO-2024-2605 / GHSA-m7wr-2xf7-cm9p","Warn: Project is vulnerable to: GO-2024-2606 / GHSA-mrww-27vc-gghv","Warn: Project is vulnerable to: GO-2023-2379 / GHSA-7f9x-gw85-8grf","Warn: Project is vulnerable to: GO-2024-2632 / GHSA-hj3v-m684-v259","Warn: Project is vulnerable to: GO-2024-2454 / GHSA-pvcr-v8j8-j5q3","Warn: Project is vulnerable to: GO-2024-3304 / GHSA-2mj3-vfvx-fc43","Warn: Project is vulnerable to: GO-2024-3305 / GHSA-gh5c-3h97-2f3q","Warn: Project is vulnerable to: GO-2024-2512 / GHSA-xw73-rw38-6vjc","Warn: Project is vulnerable to: GO-2024-3005","Warn: Project is vulnerable to: GO-2025-3600 / GHSA-fhg8-qxh5-7q3w","Warn: Project is vulnerable to: GO-2025-4096 / GHSA-9493-h29p-rfm2","Warn: Project is vulnerable to: GO-2025-4098 / GHSA-cgrx-mc8f-2prm","Warn: Project is vulnerable to: GO-2024-3110 / GHSA-jfvp-7x6p-h2pv","Warn: Project is vulnerable to: GO-2025-4097 / GHSA-qw9x-cqr3-wc7r","Warn: Project is vulnerable to: GO-2024-2491 / GHSA-xr7r-f8xq-vfvv","Warn: Project is vulnerable to: GO-2025-4188 / GHSA-4f99-4q7p-p3gh","Warn: Project is vulnerable to: GO-2025-4135 / GHSA-f6x5-jh6r-wrfv","Warn: Project is vulnerable to: GO-2025-4134 / GHSA-j5w8-q4qc-rx2x","Warn: Project is vulnerable to: GO-2025-4116","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g","Warn: Project is vulnerable to: GO-2024-2611 / GHSA-8r3f-844c-mc37","Warn: Project is vulnerable to: GO-2024-2456 / GHSA-449p-3h89-pw88","Warn: Project is vulnerable to: GO-2024-2466 / GHSA-mw99-9chc-xw7r","Warn: Project is vulnerable to: GO-2025-3367 / GHSA-r9px-m959-cxf4","Warn: Project is vulnerable to: GO-2025-3368 / GHSA-v725-9546-7q7m","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: PYSEC-2023-117","Warn: Project is vulnerable to: GHSA-9ggr-2464-2j32","Warn: Project is vulnerable to: GHSA-g7f3-828f-7h7m","Warn: Project is vulnerable to: GHSA-pq5p-34cr-23v9","Warn: Project is vulnerable to: PYSEC-2024-24 / GHSA-5h86-8mv2-jq9f","Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84","Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g","Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr","Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: GHSA-w853-jp5j-5j7f","Warn: Project is vulnerable to: GHSA-9rw2-jf8x-cgwm","Warn: Project is vulnerable to: GHSA-6673-4983-2vx5","Warn: Project is vulnerable to: GHSA-768j-98cg-p3fv","Warn: Project is vulnerable to: GHSA-vqfr-h8mv-ghfj","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq","Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3","Warn: Project is vulnerable to: GHSA-8qvm-5x2c-j2w7","Warn: Project is vulnerable to: PYSEC-2024-161","Warn: Project is vulnerable to: GHSA-j225-cvw7-qrx7","Warn: Project is vulnerable to: GHSA-mr82-8j83-vxmv","Warn: Project is vulnerable to: PYSEC-2024-110 / GHSA-jw8x-6495-233v","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-cx63-2mw6-8hw5","Warn: Project is vulnerable to: GHSA-g4r7-86gm-pgqc","Warn: Project is vulnerable to: GHSA-2c2j-9gv5-cj73","Warn: Project is vulnerable to: GHSA-f96h-pmfr-66vw","Warn: Project is vulnerable to: GHSA-3749-ghw9-m3mg","Warn: Project is vulnerable to: PYSEC-2025-41 / GHSA-53q9-r3pm-6pq6","Warn: Project is vulnerable to: PYSEC-2024-252 / GHSA-5pcm-hx3q-hm94","Warn: Project is vulnerable to: GHSA-887c-mr87-cxwp","Warn: Project is vulnerable to: PYSEC-2024-251 / GHSA-pg7h-5qx3-wjr3","Warn: Project is vulnerable to: PYSEC-2024-250","Warn: Project is vulnerable to: PYSEC-2024-259","Warn: Project is vulnerable to: GHSA-g7vv-2v7x-gj9p","Warn: Project is vulnerable to: GHSA-37mw-44qp-f5jm","Warn: Project is vulnerable to: GHSA-37q5-v5qm-c9v8","Warn: Project is vulnerable to: PYSEC-2023-300 / GHSA-3863-2447-669p","Warn: Project is vulnerable to: GHSA-4w7r-h757-3r74","Warn: Project is vulnerable to: GHSA-59p9-h35m-wg4g","Warn: Project is vulnerable to: GHSA-6rvg-6v2m-4j46","Warn: Project is vulnerable to: GHSA-9356-575x-2w9m","Warn: Project is vulnerable to: GHSA-fpwr-67px-3qhx","Warn: Project is vulnerable to: PYSEC-2024-229 / GHSA-hxxf-235m-72v3","Warn: Project is vulnerable to: GHSA-jjph-296x-mrcr","Warn: Project is vulnerable to: GHSA-phhr-52qp-3mj4","Warn: Project is vulnerable to: GHSA-q2wp-rjmx-x6x9","Warn: Project is vulnerable to: PYSEC-2025-40 / GHSA-qq3j-4f4f-9583","Warn: Project is vulnerable to: PYSEC-2024-227 / GHSA-qxrp-vhvm-j765","Warn: Project is vulnerable to: GHSA-rcv9-qm8p-9p6j","Warn: Project is vulnerable to: PYSEC-2023-301 / GHSA-v68g-wm8c-6x7j","Warn: Project is vulnerable to: PYSEC-2024-228 / GHSA-wrfc-pvp9-mr9g","Warn: Project is vulnerable to: GHSA-2g68-c3qc-8985","Warn: Project is vulnerable to: GHSA-f9vj-2wh5-fj8j","Warn: Project is vulnerable to: GHSA-hgf8-39gv-g3f2","Warn: Project is vulnerable to: GHSA-q34m-jh98-gwm2","Warn: Project is vulnerable to: GHSA-hgjp-83m4-h4fj","Warn: Project is vulnerable to: GHSA-496j-2rq6-j6cc","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-4hjh-wcwx-xvwj","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh","Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42","Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q","Warn: Project is vulnerable to: GHSA-mh29-5h37-fv8m","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-rx8g-88g5-qh64","Warn: Project is vulnerable to: GHSA-554w-wpv2-vw27","Warn: Project is vulnerable to: GHSA-5gfm-wpxj-wjgq","Warn: Project is vulnerable to: GHSA-65ch-62r8-g69g","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-vj76-c3g6-qr5v","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-7f2v-3qq3-vvjf","Warn: Project is vulnerable to: GHSA-963h-3v39-3pqf","Warn: Project is vulnerable to: GHSA-mp7w-mhcv-673j","Warn: Project is vulnerable to: GHSA-rcw3-wmx7-cphr","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#vulnerabilities"}},{"name":"CI-Tests","score":10,"reason":"30 out of 30 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#ci-tests"}},{"name":"Contributors","score":10,"reason":"project has 7 contributing companies or organizations","details":["Info: found contributions from: PurdueIEEEComputerSociety, WukLab, brownsys, gimletlabs, new relic, pixie-io, pixie-io stanford"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/cd152cb6742c5b8f2f3d2b5193b41d9c50905198/docs/checks.md#contributors"}}]}