{"id":357446,"url":"https://github.com/temuller/hostphot","last_synced_at":"2026-06-21T22:00:59.647Z","repository":{"id":40585967,"uuid":"471063086","full_name":"temuller/hostphot","owner":"temuller","description":"HostPhot: global and local photometry of galaxies hosting supernovae or other transients","archived":false,"fork":false,"pushed_at":"2026-04-24T11:19:03.000Z","size":57158,"stargazers_count":9,"open_issues_count":2,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-06-11T17:04:49.093Z","etag":null,"topics":["cosmology","cutout","galaxy","image","photometry","python","sep","sextractor","supernova","transients"],"latest_commit_sha":null,"homepage":"https://hostphot.readthedocs.io/en/latest/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/temuller.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-03-17T16:41:07.000Z","updated_at":"2026-04-24T11:19:07.000Z","dependencies_parsed_at":"2024-01-30T16:50:27.842Z","dependency_job_id":"53966b2d-fd69-4966-a53f-e0da40afa714","html_url":"https://github.com/temuller/hostphot","commit_stats":{"total_commits":154,"total_committers":3,"mean_commits":"51.333333333333336","dds":"0.48051948051948057","last_synced_commit":"028249d3d58faaff6622f6c37aee4b3b89005f19"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/temuller/hostphot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller","download_url":"https://codeload.github.com/temuller/hostphot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/sbom","scorecard":{"id":873563,"data":{"date":"2025-08-11","repo":{"name":"github.com/temuller/hostphot","commit":"cbb69fa31597dc3567e8526b5e5a3115accdb2fb"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":4,"reason":"4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/draft-pdf.yml:1","Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/paper.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paper.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paper.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paper.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:29","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:30","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:31","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"22 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-29gw-9793-fvw7","Warn: Project is vulnerable to: PYSEC-2015-24 / GHSA-4vwq-x64q-j4cj","Warn: Project is vulnerable to: PYSEC-2017-46 / GHSA-66gw-5xpf-gfp5","Warn: Project is vulnerable to: PYSEC-2015-25 / GHSA-92mr-v722-f48m","Warn: Project is vulnerable to: PYSEC-2022-12 / GHSA-pq7m-3gw7-gq5x","Warn: Project is vulnerable to: PYSEC-2017-47","Warn: Project is vulnerable to: GHSA-xgfm-fjx6-62mj","Warn: Project is vulnerable to: GHSA-h2x6-5jx5-46hf","Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h","Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6","Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf","Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc","Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f","Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm","Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52","Warn: Project is vulnerable to: PYSEC-2020-73","Warn: Project is vulnerable to: PYSEC-2013-9 / GHSA-4gv5-qhvr-36vv","Warn: Project is vulnerable to: PYSEC-2021-437 / GHSA-5xp3-jfq3-5q8x","Warn: Project is vulnerable to: PYSEC-2019-160 / GHSA-c5h8-cq4v-cvfm","Warn: Project is vulnerable to: PYSEC-2013-8 / GHSA-g3p5-fjj9-h8gj","Warn: Project is vulnerable to: PYSEC-2020-173 / GHSA-gpvv-69j7-gwj8","Warn: Project is vulnerable to: PYSEC-2023-228 / GHSA-mq26-g339-26xf"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T05:05:11.157Z","repository_id":40585967,"created_at":"2025-08-24T05:05:11.157Z","updated_at":"2025-08-24T05:05:11.157Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34627177,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-21T02:00:05.568Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"temuller","name":"Tomás E. Müller Bravo","uuid":"20286110","kind":"user","description":"I am a postdoc at ICE in Barcelona, Spain. My work is mainly focused on supernova cosmology but also on transients physics.","email":"","website":"https://temuller.github.io/","location":"Barcelona, Spain","twitter":null,"company":"Institute of Space Sciences (ICE-CSIC)","icon_url":"https://avatars.githubusercontent.com/u/20286110?u=b60a6ab2a29a0c80d89538e2de7fd519c4aa2dbf\u0026v=4","repositories_count":29,"last_synced_at":"2024-04-29T17:07:28.452Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/temuller","funding_links":[],"total_stars":20,"followers":12,"following":2,"created_at":"2022-11-20T07:17:43.427Z","updated_at":"2024-04-29T17:07:36.421Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller/repositories"},"packages":[{"id":2760448,"name":"hostphot","ecosystem":"pypi","description":"Global and local photometry of galaxies hosting supernovae or other transients","homepage":"https://github.com/temuller/hostphot","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/temuller/hostphot","keywords_array":[],"namespace":null,"versions_count":32,"first_release_published_at":"2022-03-21T12:44:34.000Z","latest_release_published_at":"2026-04-24T13:03:39.000Z","latest_release_number":"3.2.1","last_synced_at":"2026-06-15T19:08:59.820Z","created_at":"2022-04-10T11:15:27.255Z","updated_at":"2026-06-15T19:17:14.572Z","registry_url":"https://pypi.org/project/hostphot/","install_command":"pip install hostphot --index-url https://pypi.org/simple","documentation_url":"https://hostphot.readthedocs.io/","metadata":{"funding":null,"documentation":null,"classifiers":["License :: OSI Approved :: MIT License","Operating System :: OS Independent","Programming Language :: Python :: 3"],"normalized_name":"hostphot","project_status":null},"repo_metadata":{"id":40585967,"uuid":"471063086","full_name":"temuller/hostphot","owner":"temuller","description":"HostPhot: global and local photometry of galaxies hosting supernovae or other transients","archived":false,"fork":false,"pushed_at":"2026-04-24T11:19:03.000Z","size":57158,"stargazers_count":9,"open_issues_count":2,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-05-23T10:58:29.907Z","etag":null,"topics":["cosmology","cutout","galaxy","image","photometry","python","sep","sextractor","supernova","transients"],"latest_commit_sha":null,"homepage":"https://hostphot.readthedocs.io/en/latest/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/temuller.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-03-17T16:41:07.000Z","updated_at":"2026-04-24T11:19:07.000Z","dependencies_parsed_at":"2024-01-30T16:50:27.842Z","dependency_job_id":"53966b2d-fd69-4966-a53f-e0da40afa714","html_url":"https://github.com/temuller/hostphot","commit_stats":{"total_commits":154,"total_committers":3,"mean_commits":"51.333333333333336","dds":"0.48051948051948057","last_synced_commit":"028249d3d58faaff6622f6c37aee4b3b89005f19"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/temuller/hostphot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller","download_url":"https://codeload.github.com/temuller/hostphot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/sbom","scorecard":{"id":873563,"data":{"date":"2025-08-11","repo":{"name":"github.com/temuller/hostphot","commit":"cbb69fa31597dc3567e8526b5e5a3115accdb2fb"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":4,"reason":"4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/draft-pdf.yml:1","Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/paper.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-pdf.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/draft-pdf.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paper.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paper.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paper.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/temuller/hostphot/paper.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:29","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:30","Warn: pipCommand not pinned by hash: .github/workflows/main.yml:31","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"22 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-29gw-9793-fvw7","Warn: Project is vulnerable to: PYSEC-2015-24 / GHSA-4vwq-x64q-j4cj","Warn: Project is vulnerable to: PYSEC-2017-46 / GHSA-66gw-5xpf-gfp5","Warn: Project is vulnerable to: PYSEC-2015-25 / GHSA-92mr-v722-f48m","Warn: Project is vulnerable to: PYSEC-2022-12 / GHSA-pq7m-3gw7-gq5x","Warn: Project is vulnerable to: PYSEC-2017-47","Warn: Project is vulnerable to: GHSA-xgfm-fjx6-62mj","Warn: Project is vulnerable to: GHSA-h2x6-5jx5-46hf","Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h","Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6","Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf","Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc","Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f","Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm","Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52","Warn: Project is vulnerable to: PYSEC-2020-73","Warn: Project is vulnerable to: PYSEC-2013-9 / GHSA-4gv5-qhvr-36vv","Warn: Project is vulnerable to: PYSEC-2021-437 / GHSA-5xp3-jfq3-5q8x","Warn: Project is vulnerable to: PYSEC-2019-160 / GHSA-c5h8-cq4v-cvfm","Warn: Project is vulnerable to: PYSEC-2013-8 / GHSA-g3p5-fjj9-h8gj","Warn: Project is vulnerable to: PYSEC-2020-173 / GHSA-gpvv-69j7-gwj8","Warn: Project is vulnerable to: PYSEC-2023-228 / GHSA-mq26-g339-26xf"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T05:05:11.157Z","repository_id":40585967,"created_at":"2025-08-24T05:05:11.157Z","updated_at":"2025-08-24T05:05:11.157Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34208761,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-11T02:00:06.485Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"temuller","name":"Tomás E. Müller Bravo","uuid":"20286110","kind":"user","description":"I am a postdoc at ICE in Barcelona, Spain. My work is mainly focused on supernova cosmology but also on transients physics.","email":"","website":"https://temuller.github.io/","location":"Barcelona, Spain","twitter":null,"company":"Institute of Space Sciences (ICE-CSIC)","icon_url":"https://avatars.githubusercontent.com/u/20286110?u=b60a6ab2a29a0c80d89538e2de7fd519c4aa2dbf\u0026v=4","repositories_count":29,"last_synced_at":"2024-04-29T17:07:28.452Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/temuller","funding_links":[],"total_stars":20,"followers":12,"following":2,"created_at":"2022-11-20T07:17:43.427Z","updated_at":"2024-04-29T17:07:36.421Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/temuller/repositories"},"tags":[]},"repo_metadata_updated_at":"2026-06-15T19:17:14.572Z","dependent_packages_count":0,"downloads":80,"downloads_period":"last-month","dependent_repos_count":1,"rankings":{"downloads":12.34303620210739,"dependent_repos_count":21.66152068531463,"dependent_packages_count":10.032368031403879,"stargazers_count":23.045167510612288,"forks_count":19.104607809191133,"docker_downloads_count":null,"average":17.237340047725866},"purl":"pkg:pypi/hostphot","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/hostphot","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/pypi/hostphot","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/hostphot/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-05-23T10:58:30.327Z","issues_count":13,"pull_requests_count":1,"avg_time_to_close_issue":9075041.5,"avg_time_to_close_pull_request":266.0,"issues_closed_count":6,"pull_requests_closed_count":1,"pull_request_authors_count":1,"issue_authors_count":6,"avg_comments_per_issue":1.1538461538461537,"avg_comments_per_pull_request":0.0,"merged_pull_requests_count":1,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":7,"past_year_pull_requests_count":0,"past_year_avg_time_to_close_issue":11517325.0,"past_year_avg_time_to_close_pull_request":null,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":0,"past_year_pull_request_authors_count":0,"past_year_issue_authors_count":3,"past_year_avg_comments_per_issue":0.2857142857142857,"past_year_avg_comments_per_pull_request":null,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":0,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/issues","maintainers":[{"login":"temuller","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/temuller"}],"active_maintainers":[{"login":"temuller","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/temuller"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/hostphot/codemeta","maintainers":[{"uuid":"temuller","login":"temuller","name":null,"email":null,"url":null,"packages_count":8,"html_url":"https://pypi.org/user/temuller/","role":null,"created_at":"2023-02-24T10:09:00.568Z","updated_at":"2023-02-24T10:09:00.568Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/temuller/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":890695,"maintainers_count":381523,"namespaces_count":0,"keywords_count":289179,"github":"pypi","metadata":{"funded_packages_count":54301},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2026-06-10T05:13:28.296Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}}],"commits":{"id":593211,"full_name":"temuller/hostphot","default_branch":"main","total_commits":441,"total_committers":3,"total_bot_commits":0,"total_bot_committers":0,"mean_commits":147.0,"dds":0.4580498866213152,"past_year_total_commits":42,"past_year_total_committers":1,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":42.0,"past_year_dds":0.0,"last_synced_at":"2026-06-15T19:04:17.625Z","last_synced_commit":"6709c05931a42f8825ada00ce33a5040a67e2c5f","created_at":"2023-03-09T06:26:55.792Z","updated_at":"2026-06-15T19:04:10.881Z","committers":[{"name":"temuller","email":"t.e.muller-bravo@ice.csic.es","login":null,"count":239},{"name":"temuller","email":"t.e.muller-bravo@tcd.ie","login":"temuller","count":201},{"name":"Arfon Smith","email":"arfon","login":"arfon","count":1}],"past_year_committers":[{"name":"temuller","email":"t.e.muller-bravo@tcd.ie","login":"temuller","count":42}],"commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-06-21T00:00:11.101Z","repositories_count":6265409,"commits_count":874965802,"contributors_count":35085046,"owners_count":1169736,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues":{"table":{"full_name":"temuller/hostphot","html_url":"https://github.com/temuller/hostphot","last_synced_at":"2026-05-23T10:58:30.327Z","status":"error","issues_count":13,"pull_requests_count":1,"avg_time_to_close_issue":9075041.5,"avg_time_to_close_pull_request":266.0,"issues_closed_count":6,"pull_requests_closed_count":1,"pull_request_authors_count":1,"issue_authors_count":6,"avg_comments_per_issue":1.1538461538461537,"avg_comments_per_pull_request":0.0,"merged_pull_requests_count":1,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":7,"past_year_pull_requests_count":0,"past_year_avg_time_to_close_issue":11517325.0,"past_year_avg_time_to_close_pull_request":null,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":0,"past_year_pull_request_authors_count":0,"past_year_issue_authors_count":3,"past_year_avg_comments_per_issue":0.2857142857142857,"past_year_avg_comments_per_pull_request":null,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":0,"created_at":"2023-05-14T15:32:25.704Z","updated_at":"2026-05-23T10:58:30.327Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/temuller%2Fhostphot/issues","issue_labels_count":{"table":{"enhancement":2,"bug":2}},"pull_request_labels_count":{"table":{}},"issue_author_associations_count":{"table":{"NONE":10,"OWNER":3}},"pull_request_author_associations_count":{"table":{"CONTRIBUTOR":1}},"issue_authors":{"table":{"LKelsey":4,"temuller":3,"krachyon":3,"Onoddil":1,"Hallflower20":1,"thmire":1}},"pull_request_authors":{"table":{"arfon":1}},"host":{"table":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-06-21T00:00:11.438Z","repositories_count":14828151,"issues_count":33038261,"pull_requests_count":108920394,"authors_count":11313908,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"}},"past_year_issue_labels_count":{"table":{"bug":2,"enhancement":1}},"past_year_pull_request_labels_count":{"table":{}},"past_year_issue_author_associations_count":{"table":{"OWNER":2,"NONE":1}},"past_year_pull_request_author_associations_count":{"table":{}},"past_year_issue_authors":{"table":{"temuller":2,"Hallflower20":1}},"past_year_pull_request_authors":{"table":{}},"maintainers":[{"table":{"login":"temuller","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/temuller"}}],"active_maintainers":[{"table":{"login":"temuller","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/temuller"}}]}},"events":{"total":{"IssuesEvent":11,"WatchEvent":1,"IssueCommentEvent":9,"PushEvent":58,"CreateEvent":3},"last_year":{"IssuesEvent":5,"IssueCommentEvent":3,"PushEvent":14,"CreateEvent":2}},"keywords":["cosmology","cutout","galaxy","image","photometry","python","sep","sextractor","supernova","transients"],"dependencies":[{"ecosystem":"actions","filepath":".github/workflows/draft-pdf.yml","sha":null,"kind":"manifest","created_at":"2023-01-22T21:31:17.796Z","updated_at":"2023-01-22T21:31:17.796Z","repository_link":"https://github.com/temuller/hostphot/blob/main/.github/workflows/draft-pdf.yml","dependencies":[{"id":7102658739,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":7102658740,"package_name":"openjournals/openjournals-draft-action","ecosystem":"actions","requirements":"master","direct":true,"kind":"composite","optional":false},{"id":7102658741,"package_name":"actions/upload-artifact","ecosystem":"actions","requirements":"v1","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"actions","filepath":".github/workflows/main.yml","sha":null,"kind":"manifest","created_at":"2023-01-22T21:31:17.852Z","updated_at":"2023-01-22T21:31:17.852Z","repository_link":"https://github.com/temuller/hostphot/blob/main/.github/workflows/main.yml","dependencies":[{"id":7102658747,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":7102658748,"package_name":"actions/setup-python","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"actions","filepath":".github/workflows/paper.yml","sha":null,"kind":"manifest","created_at":"2023-01-22T21:31:17.890Z","updated_at":"2023-01-22T21:31:17.890Z","repository_link":"https://github.com/temuller/hostphot/blob/main/.github/workflows/paper.yml","dependencies":[{"id":7102658752,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":7102658753,"package_name":"docker://openjournals/paperdraft","ecosystem":"actions","requirements":"latest","direct":true,"kind":"composite","optional":false},{"id":7102658754,"package_name":"actions/upload-artifact","ecosystem":"actions","requirements":"v1","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"pypi","filepath":"docs/requirements.txt","sha":null,"kind":"manifest","created_at":"2023-01-22T21:31:17.940Z","updated_at":"2023-01-22T21:31:17.940Z","repository_link":"https://github.com/temuller/hostphot/blob/main/docs/requirements.txt","dependencies":[{"id":7102658834,"package_name":"sphinx","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658835,"package_name":"sphinx_rtd_theme","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658836,"package_name":"readthedocs-sphinx-search","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"pypi","filepath":"requirements.txt","sha":null,"kind":"manifest","created_at":"2023-01-22T21:31:18.019Z","updated_at":"2023-01-22T21:31:18.019Z","repository_link":"https://github.com/temuller/hostphot/blob/main/requirements.txt","dependencies":[{"id":7102658849,"package_name":"pip","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658850,"package_name":"numpy","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658851,"package_name":"pandas","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658852,"package_name":"matplotlib","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658853,"package_name":"python-dotenv","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658854,"package_name":"astropy","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658855,"package_name":"reproject","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658856,"package_name":"photutils","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658857,"package_name":"astroquery","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658858,"package_name":"extinction","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658859,"package_name":"sfdmap","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658860,"package_name":"pyvo","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658861,"package_name":"sep","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658862,"package_name":"ipywidgets","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658863,"package_name":"ipympl","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658864,"package_name":"ipython","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false},{"id":7102658865,"package_name":"pytest","ecosystem":"pypi","requirements":"*","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"pypi","filepath":"pyproject.toml","sha":null,"kind":"manifest","created_at":"2024-01-25T12:51:30.569Z","updated_at":"2024-01-25T12:51:30.569Z","repository_link":"https://github.com/temuller/hostphot/blob/main/pyproject.toml","dependencies":[]},{"ecosystem":"pypi","filepath":"setup.py","sha":null,"kind":"manifest","created_at":"2024-01-25T12:51:30.711Z","updated_at":"2024-01-25T12:51:30.711Z","repository_link":"https://github.com/temuller/hostphot/blob/main/setup.py","dependencies":[]}],"score":7.903226808730734,"created_at":"2025-04-11T10:19:52.758Z","updated_at":"2026-06-21T22:00:59.668Z","avatar_url":"https://github.com/temuller.png","language":"Python","codemeta":null,"publiccode":null,"project_url":"https://summary.ecosyste.ms/api/v1/projects/357446","html_url":"https://summary.ecosyste.ms/projects/357446"}