{"id":17992596,"url":"https://github.com/apache/commons-dbcp","last_synced_at":"2025-10-05T14:14:47.105Z","repository":{"id":39979436,"uuid":"11304834","full_name":"apache/commons-dbcp","owner":"apache","description":"Apache Commons DBCP","archived":false,"fork":false,"pushed_at":"2025-10-03T04:01:11.000Z","size":7808,"stargazers_count":358,"open_issues_count":6,"forks_count":249,"subscribers_count":43,"default_branch":"master","last_synced_at":"2025-10-03T07:27:18.857Z","etag":null,"topics":["commons"],"latest_commit_sha":null,"homepage":"https://commons.apache.org/dbcp/","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE.txt","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-07-10T07:00:11.000Z","updated_at":"2025-10-02T03:46:10.000Z","dependencies_parsed_at":"2023-10-16T04:32:40.450Z","dependency_job_id":"5c5688f3-478b-4f3b-aa1e-e620f8342ad1","html_url":"https://github.com/apache/commons-dbcp","commit_stats":{"total_commits":3161,"total_committers":74,"mean_commits":42.71621621621622,"dds":0.7772856690920595,"last_synced_commit":"21d22b8c92a6bbd47f87dc9b0dbbe6fc64fbce9c"},"previous_names":[],"tags_count":74,"template":false,"template_full_name":null,"purl":"pkg:github/apache/commons-dbcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcommons-dbcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcommons-dbcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcommons-dbcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcommons-dbcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/commons-dbcp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcommons-dbcp/sbom","scorecard":{"id":201309,"data":{"date":"2025-08-16T02:11:28Z","repo":{"name":"github.com/apache/commons-dbcp","commit":"5b86fef36f5be1561619ec8f9f896941acbbe962"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":7.6,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Code-Review","score":0,"reason":"Found 0/20 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:36","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:35","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards-analysis.yml:36","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards-analysis.yml:38","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:28","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:22","Info: topLevel 'contents' permission set to 'read': .github/workflows/maven.yml:21","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards-analysis.yml:25","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:  13 out of  13 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (10) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"CI-Tests","score":10,"reason":"10 out of 10 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}},{"name":"Contributors","score":10,"reason":"project has 30 contributing companies or organizations","details":["Info: found contributions from: DSpace, Debian, Hack42, HackerHotel, JavaNCSS, NixOS, TinyGearsOrg, airlift, apache, apache software foundation, apple, arnhem-air, assertj, atmire, bibliotheekdeventer, eicas-nl, facebook, groovy, inkcut, jenkinsci, notionwm, playframework, proxytoys, retired, scala-labs, scalacommunitybuild, scalapenos, self-employed apache software foundation, trinodb, x-stream"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}}]},"last_synced_at":"2025-08-16T22:53:38.026Z","repository_id":39979436,"created_at":"2025-08-16T22:53:38.027Z","updated_at":"2025-08-16T22:53:38.027Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278262482,"owners_count":25957940,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["commons"],"created_at":"2024-10-29T20:08:14.271Z","updated_at":"2025-10-05T14:14:47.098Z","avatar_url":"https://github.com/apache.png","language":"Java","funding_links":[],"categories":["数据库开发"],"sub_categories":[],"readme":"\u003c!---\n Licensed to the Apache Software Foundation (ASF) under one or more\n contributor license agreements.  See the NOTICE file distributed with\n this work for additional information regarding copyright ownership.\n The ASF licenses this file to You under the Apache License, Version 2.0\n (the \"License\"); you may not use this file except in compliance with\n the License.  You may obtain a copy of the License at\n\n      https://www.apache.org/licenses/LICENSE-2.0\n\n Unless required by applicable law or agreed to in writing, software\n distributed under the License is distributed on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n See the License for the specific language governing permissions and\n limitations under the License.\n--\u003e\n\u003c!---\n +======================================================================+\n |****                                                              ****|\n |****      THIS FILE IS GENERATED BY THE COMMONS BUILD PLUGIN      ****|\n |****                    DO NOT EDIT DIRECTLY                      ****|\n |****                                                              ****|\n +======================================================================+\n | TEMPLATE FILE: readme-md-template.md                                 |\n | commons-build-plugin/trunk/src/main/resources/commons-xdoc-templates |\n +======================================================================+\n |                                                                      |\n | 1) Re-generate using: mvn commons-build:readme-md                    |\n |                                                                      |\n | 2) Set the following properties in the component's pom:              |\n |    - commons.componentid (required, alphabetic, lower case)          |\n |    - commons.release.version (required)                              |\n |                                                                      |\n | 3) Example Properties                                                |\n |                                                                      |\n |  \u003cproperties\u003e                                                        |\n |    \u003ccommons.componentid\u003emath\u003c/commons.componentid\u003e                   |\n |    \u003ccommons.release.version\u003e1.2\u003c/commons.release.version\u003e            |\n |  \u003c/properties\u003e                                                       |\n |                                                                      |\n +======================================================================+\n---\u003e\nApache Commons DBCP\n===================\n\n[![Java CI](https://github.com/apache/commons-dbcp/actions/workflows/maven.yml/badge.svg)](https://github.com/apache/commons-dbcp/actions/workflows/maven.yml)\n[![Maven Central](https://img.shields.io/maven-central/v/org.apache.commons/commons-dbcp2?label=Maven%20Central)](https://search.maven.org/artifact/org.apache.commons/commons-dbcp2)\n[![Javadocs](https://javadoc.io/badge/org.apache.commons/commons-dbcp2/2.13.0.svg)](https://javadoc.io/doc/org.apache.commons/commons-dbcp2/2.13.0)\n[![CodeQL](https://github.com/apache/commons-dbcp/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/apache/commons-dbcp/actions/workflows/codeql-analysis.yml)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/apache/commons-dbcp/badge)](https://api.securityscorecards.dev/projects/github.com/apache/commons-dbcp)\n\nApache Commons DBCP software implements Database Connection Pooling\n\nDocumentation\n-------------\n\nMore information can be found on the [Apache Commons DBCP homepage](https://commons.apache.org/proper/commons-dbcp).\nThe [Javadoc](https://commons.apache.org/proper/commons-dbcp/apidocs) can be browsed.\nQuestions related to the usage of Apache Commons DBCP should be posted to the [user mailing list](https://commons.apache.org/mail-lists.html).\n\nGetting the latest release\n--------------------------\nYou can download source and binaries from our [download page](https://commons.apache.org/proper/commons-dbcp/download_dbcp.cgi).\n\nAlternatively, you can pull it from the central Maven repositories:\n\n```xml\n\u003cdependency\u003e\n  \u003cgroupId\u003eorg.apache.commons\u003c/groupId\u003e\n  \u003cartifactId\u003ecommons-dbcp2\u003c/artifactId\u003e\n  \u003cversion\u003e2.13.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\nBuilding\n--------\n\nBuilding requires a Java JDK and [Apache Maven](https://maven.apache.org/).\nThe required Java version is found in the `pom.xml` as the `maven.compiler.source` property.\n\nFrom a command shell, run `mvn` without arguments to invoke the default Maven goal to run all tests and checks.\n\nContributing\n------------\n\nWe accept Pull Requests via GitHub. The [developer mailing list](https://commons.apache.org/mail-lists.html) is the main channel of communication for contributors.\nThere are some guidelines which will make applying PRs easier for us:\n+ No tabs! Please use spaces for indentation.\n+ Respect the existing code style for each file.\n+ Create minimal diffs - disable on save actions like reformat source code or organize imports. If you feel the source code should be reformatted create a separate PR for this change.\n+ Provide JUnit tests for your changes and make sure your changes don't break any existing tests by running `mvn`.\n+ Before you pushing a PR, run `mvn` (by itself), this runs the default goal, which contains all build checks.\n+ To see the code coverage report, regardless of coverage failures, run `mvn clean site -Dcommons.jacoco.haltOnFailure=false`\n\nIf you plan to contribute on a regular basis, please consider filing a [contributor license agreement](https://www.apache.org/licenses/#clas).\nYou can learn more about contributing via GitHub in our [contribution guidelines](CONTRIBUTING.md).\n\nLicense\n-------\nThis code is licensed under the [Apache License v2](https://www.apache.org/licenses/LICENSE-2.0).\n\nSee the `NOTICE.txt` file for required notices and attributions.\n\nDonating\n--------\nYou like Apache Commons DBCP? Then [donate back to the ASF](https://www.apache.org/foundation/contributing.html) to support development.\n\nAdditional Resources\n--------------------\n\n+ [Apache Commons Homepage](https://commons.apache.org/)\n+ [Apache Issue Tracker (JIRA)](https://issues.apache.org/jira/browse/DBCP)\n+ [Apache Commons Slack Channel](https://the-asf.slack.com/archives/C60NVB8AD)\n+ [Apache Commons Twitter Account](https://twitter.com/ApacheCommons)\n\nApache Commons Components\n-------------------------\n\nPlease see the [list of components](https://commons.apache.org/components.html)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcommons-dbcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fcommons-dbcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcommons-dbcp/lists"}