Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

cargo/aho-corasick

1.1.3

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/22 approved changesets -- score normalized to 1
Maintained	:green_circle: 5	3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 9	1 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstream

0.6.13

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle

1.0.6

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-parse

0.2.3

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-query

1.0.2

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-wincon

3.0.2

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/autocfg

1.2.0

:green_circle: 5.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	21 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 3	Found 4/12 approved changesets -- score normalized to 3
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/bstr

1.9.1

:green_circle: 5.4

Details

Check	Score	Reason
Maintained	:green_circle: 5	0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5
Code-Review	:warning: 1	Found 3/24 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/bumpalo

3.16.0

:green_circle: 4.9

Details

Check	Score	Reason
Maintained	:green_circle: 10	8 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 6	Found 14/22 approved changesets -- score normalized to 6
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0

cargo/chrono

0.4.38

:green_circle: 6.5

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Signed-Releases	:warning: -1	no releases found
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/core-foundation-sys

0.8.6

:green_circle: 5.6

Details

Check	Score	Reason
Code-Review	:green_circle: 8	Found 26/30 approved changesets -- score normalized to 8
Maintained	:green_circle: 10	15 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 9	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crc32fast

1.4.0

:green_circle: 4.4

Details

Check	Score	Reason
Maintained	:green_circle: 8	9 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8
Code-Review	:warning: 2	Found 6/29 approved changesets -- score normalized to 2
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-deque

0.8.5

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-epoch

0.9.18

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-utils

0.8.19

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/either

1.11.0

Unknown

cargo/globset

0.4.14

:green_circle: 4.7

Details

Check	Score	Reason
Code-Review	:green_circle: 4	Found 12/30 approved changesets -- score normalized to 4
Maintained	:green_circle: 10	18 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/hermit-abi

0.3.9

Unknown

cargo/iana-time-zone

0.1.60

:green_circle: 4.5

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 14/20 approved changesets -- score normalized to 7
Maintained	:warning: 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 9	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/itoa

1.0.11

:green_circle: 5.8

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 2/27 approved changesets -- score normalized to 0
Maintained	:green_circle: 7	9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/js-sys

0.3.69

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/libc

0.2.154

:green_circle: 6.6

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/log

0.4.21

:green_circle: 6.9

Details

Check	Score	Reason
Maintained	:green_circle: 10	27 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 10	all changesets reviewed
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/memchr

2.7.2

Unknown

cargo/miniz_oxide

0.7.2

:green_circle: 5

Details

Check	Score	Reason
Code-Review	:green_circle: 3	Found 11/30 approved changesets -- score normalized to 3
Maintained	:green_circle: 7	6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Fuzzing	:green_circle: 10	project is fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/num-traits

0.2.18

:green_circle: 5.1

Details

Check	Score	Reason
Code-Review	:green_circle: 3	Found 2/6 approved changesets -- score normalized to 3
Maintained	:green_circle: 10	6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Packaging	:warning: -1	packaging workflow not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/once_cell

1.19.0

:green_circle: 4.6

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 10/13 approved changesets -- score normalized to 7
Maintained	:warning: 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
Pinned-Dependencies	:green_circle: 8	dependency not pinned by hash detected -- score normalized to 8
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0

cargo/pin-project-lite

0.2.14

:green_circle: 5.9

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 1/30 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	23 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/proc-macro2

1.0.81

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 0	Found 0/20 approved changesets -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:green_circle: 10	project is fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/quote

1.0.36

:green_circle: 5.2

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 1/26 approved changesets -- score normalized to 0
Maintained	:green_circle: 7	8 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/regex-automata

0.4.6

:green_circle: 6.8

Details

Check	Score	Reason
Code-Review	:warning: 2	Found 7/30 approved changesets -- score normalized to 2
Maintained	:green_circle: 10	13 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/regex-syntax

0.8.3

:green_circle: 6.8

Details

Check	Score	Reason
Code-Review	:warning: 2	Found 7/30 approved changesets -- score normalized to 2
Maintained	:green_circle: 10	13 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/ryu

1.0.17

:green_circle: 5.8

Details

Check	Score	Reason
Maintained	:green_circle: 7	9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
Code-Review	:warning: 0	Found 0/25 approved changesets -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:green_circle: 10	project is fuzzed
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde

1.0.200

:green_circle: 6

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/23 approved changesets -- score normalized to 1
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde_derive

1.0.200

:green_circle: 6

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/23 approved changesets -- score normalized to 1
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde_json

1.0.116

:green_circle: 6.6

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 2/24 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	23 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/sharded-slab

0.1.7

:green_circle: 4.3

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 4/25 approved changesets -- score normalized to 1
Maintained	:green_circle: 4	2 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 4
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/smallvec

1.13.2

:green_circle: 5.4

Details

Check	Score	Reason
Maintained	:green_circle: 10	13 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 6	Found 18/30 approved changesets -- score normalized to 6
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/strsim

0.11.1

Unknown

cargo/syn

2.0.60

:green_circle: 6.1

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 0/18 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/thread_local

1.1.8

:green_circle: 4.5

Details

Check	Score	Reason
Code-Review	:green_circle: 9	Found 11/12 approved changesets -- score normalized to 9
Maintained	:warning: 2	2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/tree-sitter-bicep

1.0.1

Unknown

cargo/wasm-bindgen

0.2.92

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-backend

0.2.92

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-macro

0.2.92

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-macro-support

0.2.92

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-shared

0.2.92

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/windows-core

0.52.0

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows-sys

0.52.0

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows-targets

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_aarch64_gnullvm

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_aarch64_msvc

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_i686_gnu

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_i686_gnullvm

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_i686_msvc

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_gnu

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_gnullvm

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_msvc

0.52.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/aho-corasick

1.0.5

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/22 approved changesets -- score normalized to 1
Maintained	:green_circle: 5	3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 9	1 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstream

0.6.7

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle

1.0.3

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-parse

0.2.1

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-query

1.0.0

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/anstyle-wincon

3.0.1

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 1	Found 1/10 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
License	:warning: 0	license file not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:green_circle: 10	SAST tool is run on all commits
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/autocfg

1.1.0

:green_circle: 5.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	21 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 3	Found 4/12 approved changesets -- score normalized to 3
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/bstr

1.6.2

:green_circle: 5.4

Details

Check	Score	Reason
Maintained	:green_circle: 5	0 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 5
Code-Review	:warning: 1	Found 3/24 approved changesets -- score normalized to 1
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/bumpalo

3.14.0

:green_circle: 4.9

Details

Check	Score	Reason
Maintained	:green_circle: 10	8 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 6	Found 14/22 approved changesets -- score normalized to 6
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0

cargo/chrono

0.4.31

:green_circle: 6.5

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Signed-Releases	:warning: -1	no releases found
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/core-foundation-sys

0.8.4

:green_circle: 5.6

Details

Check	Score	Reason
Code-Review	:green_circle: 8	Found 26/30 approved changesets -- score normalized to 8
Maintained	:green_circle: 10	15 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 9	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crc32fast

1.3.2

:green_circle: 4.4

Details

Check	Score	Reason
Maintained	:green_circle: 8	9 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8
Code-Review	:warning: 2	Found 6/29 approved changesets -- score normalized to 2
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-deque

0.8.3

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-epoch

0.9.15

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/crossbeam-utils

0.8.16

:green_circle: 5.4

Details

Check	Score	Reason
Code-Review	:green_circle: 6	Found 12/19 approved changesets -- score normalized to 6
Maintained	:green_circle: 10	16 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/either

1.9.0

Unknown

cargo/fnv

1.0.7

:green_circle: 4.3

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 13/22 approved changesets -- score normalized to 5
Maintained	:warning: 0	1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/globset

0.4.13

:green_circle: 4.7

Details

Check	Score	Reason
Code-Review	:green_circle: 4	Found 12/30 approved changesets -- score normalized to 4
Maintained	:green_circle: 10	18 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 9	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/hermit-abi

0.3.2

Unknown

cargo/iana-time-zone

0.1.57

:green_circle: 4.5

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 14/20 approved changesets -- score normalized to 7
Maintained	:warning: 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 9	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/itoa

1.0.9

:green_circle: 5.8

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 2/27 approved changesets -- score normalized to 0
Maintained	:green_circle: 7	9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/js-sys

0.3.64

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/libc

0.2.148

:green_circle: 6.6

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/log

0.4.20

:green_circle: 6.9

Details

Check	Score	Reason
Maintained	:green_circle: 10	27 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 10	all changesets reviewed
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/memchr

2.6.3

Unknown

cargo/memoffset

0.9.0

:green_circle: 4.9

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 10/13 approved changesets -- score normalized to 7
Maintained	:green_circle: 9	10 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 9
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/miniz_oxide

0.7.1

:green_circle: 5

Details

Check	Score	Reason
Code-Review	:green_circle: 3	Found 11/30 approved changesets -- score normalized to 3
Maintained	:green_circle: 7	6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Fuzzing	:green_circle: 10	project is fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/num-traits

0.2.16

:green_circle: 5.1

Details

Check	Score	Reason
Code-Review	:green_circle: 3	Found 2/6 approved changesets -- score normalized to 3
Maintained	:green_circle: 10	6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Packaging	:warning: -1	packaging workflow not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/once_cell

1.18.0

:green_circle: 4.6

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 10/13 approved changesets -- score normalized to 7
Maintained	:warning: 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
Pinned-Dependencies	:green_circle: 8	dependency not pinned by hash detected -- score normalized to 8
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0

cargo/pin-project-lite

0.2.13

:green_circle: 5.9

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 1/30 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	23 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/proc-macro2

1.0.78

:green_circle: 6.1

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:warning: 0	Found 0/20 approved changesets -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Fuzzing	:green_circle: 10	project is fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/quote

1.0.33

:green_circle: 5.2

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 1/26 approved changesets -- score normalized to 0
Maintained	:green_circle: 7	8 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Signed-Releases	:warning: -1	no releases found
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/regex-automata

0.4.5

:green_circle: 6.8

Details

Check	Score	Reason
Code-Review	:warning: 2	Found 7/30 approved changesets -- score normalized to 2
Maintained	:green_circle: 10	13 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/regex-syntax

0.8.2

:green_circle: 6.8

Details

Check	Score	Reason
Code-Review	:warning: 2	Found 7/30 approved changesets -- score normalized to 2
Maintained	:green_circle: 10	13 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/ryu

1.0.15

:green_circle: 5.8

Details

Check	Score	Reason
Maintained	:green_circle: 7	9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7
Code-Review	:warning: 0	Found 0/25 approved changesets -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Fuzzing	:green_circle: 10	project is fuzzed
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/scopeguard

1.2.0

:green_circle: 4.3

Details

Check	Score	Reason
Code-Review	:green_circle: 9	Found 10/11 approved changesets -- score normalized to 9
Maintained	:warning: 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
Signed-Releases	:warning: -1	no releases found
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
Fuzzing	:warning: 0	project is not fuzzed
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde

1.0.188

:green_circle: 6

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/23 approved changesets -- score normalized to 1
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde_derive

1.0.188

:green_circle: 6

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 3/23 approved changesets -- score normalized to 1
Maintained	:green_circle: 10	30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/serde_json

1.0.107

:green_circle: 6.6

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 2/24 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	23 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/sharded-slab

0.1.4

:green_circle: 4.3

Details

Check	Score	Reason
Code-Review	:warning: 1	Found 4/25 approved changesets -- score normalized to 1
Maintained	:green_circle: 4	2 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 4
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/smallvec

1.11.0

:green_circle: 5.4

Details

Check	Score	Reason
Maintained	:green_circle: 10	13 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 6	Found 18/30 approved changesets -- score normalized to 6
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Signed-Releases	:warning: -1	no releases found
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/strsim

0.11.0

Unknown

cargo/syn

2.0.33

:green_circle: 6.1

Details

Check	Score	Reason
Code-Review	:warning: 0	Found 0/18 approved changesets -- score normalized to 0
Maintained	:green_circle: 10	30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Fuzzing	:green_circle: 10	project is fuzzed
Security-Policy	:green_circle: 3	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/thread_local

1.1.7

:green_circle: 4.5

Details

Check	Score	Reason
Code-Review	:green_circle: 9	Found 11/12 approved changesets -- score normalized to 9
Maintained	:warning: 2	2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Fuzzing	:warning: 0	project is not fuzzed
Branch-Protection	:warning: 0	branch protection not enabled on development/release branches
Security-Policy	:warning: 0	security policy file not detected
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/tree-sitter-bicep

1.0.0

Unknown

cargo/wasm-bindgen

0.2.87

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-backend

0.2.87

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-macro

0.2.87

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-macro-support

0.2.87

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/wasm-bindgen-shared

0.2.87

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 7	Found 23/30 approved changesets -- score normalized to 7
Maintained	:green_circle: 10	29 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: 0	Project has not signed or included provenance with any releases.
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected
Binary-Artifacts	:green_circle: 7	binaries present in source code
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0

cargo/windows

0.48.0

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows-sys

0.48.0

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows-targets

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_aarch64_gnullvm

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_aarch64_msvc

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_i686_gnu

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_i686_msvc

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_gnu

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_gnullvm

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

cargo/windows_x86_64_msvc

0.48.5

:green_circle: 4.8

Details

Check	Score	Reason
Code-Review	:green_circle: 5	Found 14/28 approved changesets -- score normalized to 5
Maintained	:green_circle: 10	30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Security-Policy	:green_circle: 10	security policy file detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:warning: 0	binaries present in source code
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	:green_circle: 8	2 existing vulnerabilities detected

Scanned Manifest Files

Cargo.lock

aho-corasick@1.1.3
anstream@0.6.13
anstyle@1.0.6
anstyle-parse@0.2.3
anstyle-query@1.0.2
anstyle-wincon@3.0.2
autocfg@1.2.0
bstr@1.9.1
bumpalo@3.16.0
chrono@0.4.38
core-foundation-sys@0.8.6
crc32fast@1.4.0
crossbeam-deque@0.8.5
crossbeam-epoch@0.9.18
crossbeam-utils@0.8.19
either@1.11.0
globset@0.4.14
hermit-abi@0.3.9
iana-time-zone@0.1.60
itoa@1.0.11
js-sys@0.3.69
libc@0.2.154
log@0.4.21
memchr@2.7.2
miniz_oxide@0.7.2
num-traits@0.2.18
once_cell@1.19.0
pin-project-lite@0.2.14
proc-macro2@1.0.81
quote@1.0.36
regex-automata@0.4.6
regex-syntax@0.8.3
ryu@1.0.17
serde@1.0.200
serde_derive@1.0.200
serde_json@1.0.116
sharded-slab@0.1.7
smallvec@1.13.2
strsim@0.11.1
syn@2.0.60
thread_local@1.1.8
tree-sitter-bicep@1.0.1
wasm-bindgen@0.2.92
wasm-bindgen-backend@0.2.92
wasm-bindgen-macro@0.2.92
wasm-bindgen-macro-support@0.2.92
wasm-bindgen-shared@0.2.92
windows-core@0.52.0
windows-sys@0.52.0
windows-targets@0.52.5
windows_aarch64_gnullvm@0.52.5
windows_aarch64_msvc@0.52.5
windows_i686_gnu@0.52.5
windows_i686_gnullvm@0.52.5
windows_i686_msvc@0.52.5
windows_x86_64_gnu@0.52.5
windows_x86_64_gnullvm@0.52.5
windows_x86_64_msvc@0.52.5
aho-corasick@1.0.5
anstream@0.6.7
anstyle@1.0.3
anstyle-parse@0.2.1
anstyle-query@1.0.0
anstyle-wincon@3.0.1
autocfg@1.1.0
bstr@1.6.2
bumpalo@3.14.0
chrono@0.4.31
core-foundation-sys@0.8.4
crc32fast@1.3.2
crossbeam-deque@0.8.3
crossbeam-epoch@0.9.15
crossbeam-utils@0.8.16
either@1.9.0
fnv@1.0.7
globset@0.4.13
hermit-abi@0.3.2
iana-time-zone@0.1.57
itoa@1.0.9
js-sys@0.3.64
libc@0.2.148
log@0.4.20
memchr@2.6.3
memoffset@0.9.0
miniz_oxide@0.7.1
num-traits@0.2.16
once_cell@1.18.0
pin-project-lite@0.2.13
proc-macro2@1.0.78
quote@1.0.33
regex-automata@0.4.5
regex-syntax@0.8.2
ryu@1.0.15
scopeguard@1.2.0
serde@1.0.188
serde_derive@1.0.188
serde_json@1.0.107
sharded-slab@0.1.4
smallvec@1.11.0
strsim@0.11.0
syn@2.0.33
thread_local@1.1.7
tree-sitter-bicep@1.0.0
wasm-bindgen@0.2.87
wasm-bindgen-backend@0.2.87
wasm-bindgen-macro@0.2.87
wasm-bindgen-macro-support@0.2.87
wasm-bindgen-shared@0.2.87
windows@0.48.0
windows-sys@0.48.0
windows-targets@0.48.5
windows_aarch64_gnullvm@0.48.5
windows_aarch64_msvc@0.48.5
windows_i686_gnu@0.48.5
windows_i686_msvc@0.48.5
windows_x86_64_gnu@0.48.5
windows_x86_64_gnullvm@0.48.5
windows_x86_64_msvc@0.48.5

advanced-security / codeql-extractor-iac

feat(extractor): Update grammars and CodeQL #139

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files