greentic-session 0.4.8

Greentic multi-tenant session manager with in-memory and Redis backends
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

<h1>Dependency Review</h1>
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.<h2>OpenSSF Scorecard</h2>
<details><summary>Scorecard details</summary>
<table><tr><th>Package</th><th>Version</th><th>Score</th><th>Details</th></tr>
<tr><td><a href="https://github.com/gimli-rs/addr2line"> cargo/addr2line </a></td><td>0.26.0</td>
      <td>:green_circle: 3.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 4</td><td>5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4</td></tr><tr><td>Code-Review</td><td>:green_circle: 3</td><td>Found 7/20 approved changesets -- score normalized to 3</td></tr><tr><td>Dangerous-Workflow</td><td>:green_circle: 10</td><td>no dangerous workflow patterns detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 9</td><td>binaries present in source code</td></tr><tr><td>Packaging</td><td>:warning: -1</td><td>packaging workflow not detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Security-Policy</td><td>:warning: 0</td><td>security policy file not detected</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Fuzzing</td><td>:warning: 0</td><td>project is not fuzzed</td></tr><tr><td>Signed-Releases</td><td>:warning: -1</td><td>no releases found</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>Branch-Protection</td><td>:warning: 0</td><td>branch protection not enabled on development/release branches</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td> cargo/cranelift-assembler-x64 </td><td>0.129.1</td>
      <td> Unknown</td><td>Unknown</td></tr>
<tr><td> cargo/cranelift-assembler-x64-meta </td><td>0.129.1</td>
      <td> Unknown</td><td>Unknown</td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-bforest </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-bitset </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-codegen </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-codegen-meta </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-codegen-shared </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-control </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-entity </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-frontend </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-isle </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-native </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/cranelift-srcgen </a></td><td>0.129.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/gimli-rs/gimli"> cargo/gimli </a></td><td>0.33.0</td>
      <td>:green_circle: 4.5</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Code-Review</td><td>:warning: 0</td><td>Found 0/20 approved changesets -- score normalized to 0</td></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>Packaging</td><td>:warning: -1</td><td>packaging workflow not detected</td></tr><tr><td>Dangerous-Workflow</td><td>:green_circle: 10</td><td>no dangerous workflow patterns detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>Security-Policy</td><td>:warning: 0</td><td>security policy file not detected</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Signed-Releases</td><td>:warning: -1</td><td>no releases found</td></tr><tr><td>Branch-Protection</td><td>:warning: 0</td><td>branch protection not enabled on development/release branches</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/greenticai/greentic-interfaces"> cargo/greentic-interfaces </a></td><td>0.4.109</td>
      <td> Unknown</td><td>Unknown</td></tr>
<tr><td><a href="https://github.com/greenticai/greentic-types"> cargo/greentic-types </a></td><td>0.4.55</td>
      <td> Unknown</td><td>Unknown</td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/pulley-interpreter </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/pulley-macros </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasm-tools"> cargo/wasmprinter </a></td><td>0.244.0</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Packaging</td><td>:warning: -1</td><td>packaging workflow not detected</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:green_circle: 10</td><td>no dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Binary-Artifacts</td><td>:warning: 0</td><td>binaries present in source code</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-environ </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-component-macro </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-component-util </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td> cargo/wasmtime-internal-core </td><td>42.0.1</td>
      <td> Unknown</td><td>Unknown</td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-cranelift </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-fiber </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-jit-debug </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-jit-icache-coherence </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-unwinder </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-versioned-export-macros </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-winch </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/wasmtime-internal-wit-bindgen </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
<tr><td><a href="https://github.com/bytecodealliance/wasmtime"> cargo/winch-codegen </a></td><td>42.0.1</td>
      <td>:green_circle: 5.4</td><td><details><summary>Details</summary><table><tr><th>Check</th><th>Score</th><th>Reason</th></tr><tr><td>Maintained</td><td>:green_circle: 10</td><td>30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10</td></tr><tr><td>Code-Review</td><td>:green_circle: 10</td><td>all changesets reviewed</td></tr><tr><td>Security-Policy</td><td>:green_circle: 10</td><td>security policy file detected</td></tr><tr><td>CII-Best-Practices</td><td>:warning: 0</td><td>no effort to earn an OpenSSF best practices badge detected</td></tr><tr><td>Dangerous-Workflow</td><td>:warning: 0</td><td>dangerous workflow patterns detected</td></tr><tr><td>Token-Permissions</td><td>:warning: 0</td><td>detected GitHub workflow tokens with excessive permissions</td></tr><tr><td>License</td><td>:green_circle: 10</td><td>license file detected</td></tr><tr><td>Binary-Artifacts</td><td>:green_circle: 10</td><td>no binaries found in the repo</td></tr><tr><td>Fuzzing</td><td>:green_circle: 10</td><td>project is fuzzed</td></tr><tr><td>Packaging</td><td>:green_circle: 10</td><td>packaging workflow detected</td></tr><tr><td>Branch-Protection</td><td>:green_circle: 8</td><td>branch protection is not maximal on development and all release branches</td></tr><tr><td>Signed-Releases</td><td>:warning: 0</td><td>Project has not signed or included provenance with any releases.</td></tr><tr><td>Pinned-Dependencies</td><td>:warning: 0</td><td>dependency not pinned by hash detected -- score normalized to 0</td></tr><tr><td>SAST</td><td>:warning: 0</td><td>SAST tool is not run on all commits -- score normalized to 0</td></tr></table></details></td></tr>
</table></details><h2>Scanned Files</h2>
<ul><li>Cargo.lock</li></ul>