Ecosyste.ms: Summary

An open API service providing a high level summary for open source projects.

https://github.com/boostsecurityio/poutine

ci cli devops devsecops gh-extension github github-actions golang security security-scanner supply-chain supply-chain-security

Score: -Infinity

Last synced: 4 days ago

Repository metadata:

boostsecurityio/poutine


Issue and Pull Request metadata

Last synced: 18 days ago

Total issues: 52
Total pull requests: 112
Average time to close issues: about 1 month
Average time to close pull requests: 2 days
Total issue authors: 6
Total pull request authors: 7
Average comments per issue: 0.96
Average comments per pull request: 0.13
Merged pull requests: 102
Bot issues: 0
Bot pull requests: 21

Past year issues: 52
Past year pull requests: 112
Past year average time to close issues: about 1 month
Past year average time to close pull requests: 2 days
Past year issue authors: 6
Past year pull request authors: 7
Past year average comments per issue: 0.96
Past year average comments per pull request: 0.13
Past year merged pull requests: 102
Past year bot issues: 0
Past year bot pull requests: 21

More stats: https://issues.ecosyste.ms/repositories/lookup?url=https://github.com/boostsecurityio/poutine

Top Issue Authors

  • fproulx-boostsecurity (31)
  • AppSecAmael (6)
  • becojo (5)
  • fgreinacher (4)
  • rgmz (4)
  • SUSTAPLE117 (2)
  • bthuilot (1)

Top Pull Request Authors

  • becojo (39)
  • fproulx-boostsecurity (30)
  • dependabot[bot] (21)
  • SUSTAPLE117 (17)
  • ledo01 (2)
  • scott-boost (2)
  • step-security-bot (1)

Top Issue Labels

  • enhancement (2)
  • good first issue (2)

Top Pull Request Labels

  • dependencies (21)
  • github_actions (12)
  • go (9)

Package metadata

proxy.golang.org: github.com/boostsecurityio/poutine

  • Homepage: https://github.com/boostsecurityio/poutine
  • Documentation: https://pkg.go.dev/github.com/boostsecurityio/poutine#section-documentation
  • Licenses: Apache-2.0
  • Latest release: v0.15.2 (published about 1 month ago)
  • Last Synced: 2024-11-13T13:42:54.173Z (18 days ago)
  • Versions: 22
  • Dependent Packages: 0
  • Dependent Repositories: 0
  • Rankings:
    • Dependent packages count: 7.044%
    • Average: 7.494%
    • Dependent repos count: 7.943%

formulae.brew.sh: poutine

Security scanner that detects vulnerabilities in build pipelines

  • Homepage: https://boostsecurityio.github.io/poutine/
  • Licenses: Apache-2.0
  • Latest release: 0.15.2 (published about 1 month ago)
  • Last Synced: 2024-11-22T23:04:31.979Z (9 days ago)
  • Versions: 7
  • Dependent Packages: 0
  • Dependent Repositories: 0
  • Downloads: 33 last month
  • Rankings:
    • Dependent packages count: 19.069%
    • Downloads: 34.635%
    • Average: 36.301%
    • Dependent repos count: 55.199%

Dependencies

.github/workflows/build_test.yml actions
  • actions/checkout 9bb56186c3b09b4f86b1c65136769dd318469633 composite
  • actions/setup-go 0c52d547c9bc32b1aa3301fd7a9cb496313a4491 composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite
.github/workflows/codeql.yml actions
  • actions/checkout 9bb56186c3b09b4f86b1c65136769dd318469633 composite
  • github/codeql-action/analyze ffd3158cb9024ebd018dbf20756f28befbd168c7 composite
  • github/codeql-action/autobuild ffd3158cb9024ebd018dbf20756f28befbd168c7 composite
  • github/codeql-action/init ffd3158cb9024ebd018dbf20756f28befbd168c7 composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite
.github/workflows/dependency-review.yml actions
  • actions/checkout 9bb56186c3b09b4f86b1c65136769dd318469633 composite
  • actions/dependency-review-action 0efb1d1d84fc9633afcdaad14c485cbbc90ef46c composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite
.github/workflows/release.yml actions
  • actions/checkout 9bb56186c3b09b4f86b1c65136769dd318469633 composite
  • actions/create-github-app-token 7bfa3a4717ef143a604ee0a99d859b8886a96d00 composite
  • actions/setup-go 0c52d547c9bc32b1aa3301fd7a9cb496313a4491 composite
  • goreleaser/goreleaser-action 7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 composite
  • sigstore/cosign-installer e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite
.github/workflows/scorecards.yml actions
  • actions/checkout 9bb56186c3b09b4f86b1c65136769dd318469633 composite
  • actions/upload-artifact a8a3f3ad30e3422c9c7b888a15615d19a852ae32 composite
  • github/codeql-action/upload-sarif ffd3158cb9024ebd018dbf20756f28befbd168c7 composite
  • ossf/scorecard-action 99c53751e09b9529366343771cc321ec74e9bd3d composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite
scanner/testdata/.github/action.yaml actions
scanner/testdata/action.yml actions
  • docker://alpine latest docker
scanner/testdata/composite/action.yml actions
  • actions/github-script main composite
  • hashicorp/vault-action v3 composite
  • hashicorp/vault-action v2.1.0 composite
go.mod go
  • github.com/OneOfOne/xxhash v1.2.8
  • github.com/agnivade/levenshtein v1.1.1
  • github.com/beorn7/perks v1.0.1
  • github.com/cespare/xxhash/v2 v2.2.0
  • github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
  • github.com/fatih/color v1.14.1
  • github.com/go-ini/ini v1.67.0
  • github.com/go-logr/logr v1.4.1
  • github.com/go-logr/stdr v1.2.2
  • github.com/gobwas/glob v0.2.3
  • github.com/gofri/go-github-ratelimit v1.1.0
  • github.com/google/go-github/v59 v59.0.0
  • github.com/google/go-querystring v1.1.0
  • github.com/google/uuid v1.6.0
  • github.com/gorilla/mux v1.8.1
  • github.com/hashicorp/go-cleanhttp v0.5.2
  • github.com/hashicorp/go-hclog v1.5.0
  • github.com/hashicorp/go-retryablehttp v0.7.2
  • github.com/hashicorp/go-version v1.6.0
  • github.com/mattn/go-colorable v0.1.13
  • github.com/mattn/go-isatty v0.0.20
  • github.com/mattn/go-runewidth v0.0.9
  • github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db
  • github.com/olekukonko/tablewriter v0.0.5
  • github.com/open-policy-agent/opa v0.63.0
  • github.com/owenrumney/go-sarif/v2 v2.3.1
  • github.com/package-url/packageurl-go v0.1.2
  • github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2
  • github.com/prometheus/client_golang v1.19.0
  • github.com/prometheus/client_model v0.5.0
  • github.com/prometheus/common v0.48.0
  • github.com/prometheus/procfs v0.12.0
  • github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0
  • github.com/rivo/uniseg v0.4.7
  • github.com/rs/zerolog v1.32.0
  • github.com/schollz/progressbar/v3 v3.14.2
  • github.com/shurcooL/githubv4 v0.0.0-20240120211514-18a1ae0e79dc
  • github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466
  • github.com/sirupsen/logrus v1.9.3
  • github.com/stretchr/testify v1.9.0
  • github.com/tchap/go-patricia/v2 v2.3.1
  • github.com/xanzy/go-gitlab v0.100.0
  • github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb
  • github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415
  • github.com/yashtewari/glob-intersection v0.2.0
  • go.opentelemetry.io/otel v1.21.0
  • go.opentelemetry.io/otel/metric v1.21.0
  • go.opentelemetry.io/otel/sdk v1.21.0
  • go.opentelemetry.io/otel/trace v1.21.0
  • golang.org/x/oauth2 v0.19.0
  • golang.org/x/sync v0.7.0
  • golang.org/x/sys v0.18.0
  • golang.org/x/term v0.18.0
  • golang.org/x/time v0.5.0
  • google.golang.org/protobuf v1.33.0
  • gopkg.in/yaml.v2 v2.4.0
  • gopkg.in/yaml.v3 v3.0.1
  • sigs.k8s.io/yaml v1.4.0
go.sum go
  • 154 dependencies
.github/workflows/pop.yml actions
  • actions/checkout b4ffde65f46336ab88eb53be808477a3936bae11 composite
  • boostsecurityio/poutine-action main composite
  • github/codeql-action/upload-sarif 4355270be187e1b672a7a1c7c7bae5afdc1ab94a composite
  • step-security/harden-runner 63c24ba6bd7ba022e95695ff85de572c04a18142 composite