{"id":13425736,"url":"https://github.com/apache/pulsar","last_synced_at":"2026-02-19T22:06:02.655Z","repository":{"id":37270197,"uuid":"62117812","full_name":"apache/pulsar","owner":"apache","description":"Apache Pulsar - distributed pub-sub messaging system","archived":false,"fork":false,"pushed_at":"2025-09-02T20:09:31.000Z","size":246769,"stargazers_count":14834,"open_issues_count":1581,"forks_count":3656,"subscribers_count":400,"default_branch":"master","last_synced_at":"2025-09-04T00:47:18.587Z","etag":null,"topics":["event-streaming","messaging","pubsub","pulsar","queuing","streaming"],"latest_commit_sha":null,"homepage":"https://pulsar.apache.org/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-06-28T07:00:03.000Z","updated_at":"2025-09-03T07:33:27.000Z","dependencies_parsed_at":"2024-03-25T08:35:17.724Z","dependency_job_id":"08460b28-a166-4654-b1dd-cb13dd621b73","html_url":"https://github.com/apache/pulsar","commit_stats":{"total_commits":12932,"total_committers":767,"mean_commits":"16.860495436766623","dds":0.9149396845035571,"last_synced_commit":"4b3b273c1c57741f9f9da2118eb4ec5dfeee2220"},"previous_names":["yahoo/pulsar","apache/incubator-pulsar"],"tags_count":308,"template":false,"template_full_name":null,"purl":"pkg:github/apache/pulsar","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fpulsar","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fpulsar/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fpulsar/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fpulsar/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/pulsar/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fpulsar/sbom","scorecard":{"id":201446,"data":{"date":"2025-08-11","repo":{"name":"github.com/apache/pulsar","commit":"bbf56f651ebe357745b46654a1d9fb7dc4899fd7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7.2,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yaml:44","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yaml:45","Info: jobLevel 'contents' permission set to 'read': .github/workflows/labeler.yml:25","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pulsar-ci.yaml:1453","Info: jobLevel 'actions' permission set to 'read': .github/workflows/pulsar-ci.yaml:1452","Warn: no topLevel permission defined: .github/workflows/ci-documentbot.yml:1","Warn: no topLevel permission defined: .github/workflows/ci-go-functions.yaml:1","Warn: no topLevel permission defined: .github/workflows/ci-maven-cache-update.yaml:1","Warn: no topLevel permission defined: .github/workflows/ci-owasp-dependency-check.yaml:1","Warn: no topLevel permission defined: .github/workflows/ci-pulsarbot.yaml:1","Warn: no topLevel permission defined: .github/workflows/ci-semantic-pull-request.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yaml:1","Warn: no topLevel permission defined: .github/workflows/labeler.yml:1","Warn: no topLevel permission defined: .github/workflows/pulsar-ci-flaky.yaml:1","Warn: no topLevel permission defined: .github/workflows/pulsar-ci.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Warn: 21 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-documentbot.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-documentbot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-go-functions.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-go-functions.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-go-functions.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-go-functions.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-go-functions.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-go-functions.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-go-functions.yaml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-go-functions.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-maven-cache-update.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-maven-cache-update.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-maven-cache-update.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-maven-cache-update.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-maven-cache-update.yaml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-maven-cache-update.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-maven-cache-update.yaml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-maven-cache-update.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-owasp-dependency-check.yaml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-owasp-dependency-check.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-pulsarbot.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-pulsarbot.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-semantic-pull-request.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/ci-semantic-pull-request.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/codeql.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/codeql.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/codeql.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/codeql.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/codeql.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/labeler.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci-flaky.yaml:287: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci-flaky.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:418: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:432: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:443: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:449: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:465: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:521: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:532: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:538: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:546: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1271: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1289: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1301: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1307: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1336: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1347: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1356: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1364: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1420: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1426: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1437: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1651: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1659: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:771: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:785: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:796: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:802: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:823: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:883: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:902: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:914: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:920: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:941: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:953: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1036: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1054: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1066: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1072: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1109: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1120: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1129: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1137: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1397: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1403: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1522: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1536: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1547: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1556: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1571: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1593: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:293: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:376: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:384: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1169: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1183: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1195: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1201: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1221: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:637: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:651: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:662: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:668: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:686: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:712: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:723: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:731: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:744: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:859: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:865: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1461: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1479: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1491: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1497: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pulsar-ci.yaml:1506: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/pulsar/pulsar-ci.yaml/master?enable=pin","Warn: containerImage not pinned by hash: docker/kinesis-producer-alpine/Dockerfile:25","Warn: containerImage not pinned by hash: docker/kinesis-producer-alpine/Dockerfile:74","Warn: containerImage not pinned by hash: docker/pulsar-all/Dockerfile:25","Warn: containerImage not pinned by hash: docker/pulsar-all/Dockerfile:32","Warn: containerImage not pinned by hash: docker/pulsar-all/Dockerfile:34","Warn: containerImage not pinned by hash: docker/pulsar/Dockerfile:24","Warn: containerImage not pinned by hash: docker/pulsar/Dockerfile:58","Warn: containerImage not pinned by hash: docker/pulsar/Dockerfile:73","Warn: containerImage not pinned by hash: docker/pulsar/Dockerfile:83","Warn: containerImage not pinned by hash: tests/docker-images/java-test-image/Dockerfile:21","Warn: containerImage not pinned by hash: tests/docker-images/latest-version-image/Dockerfile:23","Warn: containerImage not pinned by hash: tests/docker-images/latest-version-image/Dockerfile:32","Warn: containerImage not pinned by hash: tests/docker-images/latest-version-image/Dockerfile:56","Warn: pipCommand not pinned by hash: docker/pulsar/Dockerfile:112-117","Warn: pipCommand not pinned by hash: pulsar-functions/instance/src/scripts/run_python_instance_tests.sh:23","Warn: pipCommand not pinned by hash: pulsar-functions/instance/src/scripts/run_python_instance_tests.sh:24","Warn: pipCommand not pinned by hash: pulsar-functions/instance/src/scripts/run_python_instance_tests.sh:25","Warn: pipCommand not pinned by hash: src/update_python_protobuf_stubs.sh:36","Warn: downloadThenRun not pinned by hash: .github/workflows/ci-go-functions.yaml:96","Info:   0 out of  90 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  28 third-party GitHubAction dependencies pinned","Info:   0 out of  13 containerImage dependencies pinned","Info:   0 out of   5 pipCommand dependencies pinned","Info:   2 out of   2 goCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T22:54:39.659Z","repository_id":37270197,"created_at":"2025-08-16T22:54:39.659Z","updated_at":"2025-08-16T22:54:39.659Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274357646,"owners_count":25270675,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-09T02:00:10.223Z","response_time":80,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["event-streaming","messaging","pubsub","pulsar","queuing","streaming"],"created_at":"2024-07-31T00:01:17.662Z","updated_at":"2026-02-19T22:06:02.638Z","avatar_url":"https://github.com/apache.png","language":"Java","readme":"\u003c!--\n\n    Licensed to the Apache Software Foundation (ASF) under one\n    or more contributor license agreements.  See the NOTICE file\n    distributed with this work for additional information\n    regarding copyright ownership.  The ASF licenses this file\n    to you under the Apache License, Version 2.0 (the\n    \"License\"); you may not use this file except in compliance\n    with the License.  You may obtain a copy of the License at\n\n      http://www.apache.org/licenses/LICENSE-2.0\n\n    Unless required by applicable law or agreed to in writing,\n    software distributed under the License is distributed on an\n    \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n    KIND, either express or implied.  See the License for the\n    specific language governing permissions and limitations\n    under the License.\n\n--\u003e\n\n![logo](https://pulsar.apache.org/img/pulsar.svg)\n\n[![docker pull](https://img.shields.io/docker/pulls/apachepulsar/pulsar-all.svg)](https://hub.docker.com/r/apachepulsar/pulsar)\n[![contributors](https://img.shields.io/github/contributors-anon/apache/pulsar)](https://github.com/apache/pulsar/graphs/contributors)\n[![last commit](https://img.shields.io/github/last-commit/apache/pulsar)](https://github.com/apache/pulsar/commits/master)\n[![release](https://img.shields.io/github/v/release/apache/pulsar?sort=semver)](https://pulsar.apache.org/download/)\n[![downloads](https://img.shields.io/github/downloads/apache/pulsar/total)](https://pulsar.apache.org/download/)\n\nPulsar is a distributed pub-sub messaging platform with a very\nflexible messaging model and an intuitive client API.\n\nLearn more about Pulsar at https://pulsar.apache.org\n\n## Main features\n\n- Horizontally scalable (Millions of independent topics and millions\n  of messages published per second)\n- Strong ordering and consistency guarantees\n- Low latency durable storage\n- Topic and queue semantics\n- Load balancer\n- Designed for being deployed as a hosted service:\n  - Multi-tenant\n  - Authentication\n  - Authorization\n  - Quotas\n  - Support mixing very different workloads\n  - Optional hardware isolation\n- Keeps track of consumer cursor position\n- REST API for provisioning, admin and stats\n- Geo replication\n- Transparent handling of partitioned topics\n- Transparent batching of messages\n\n## Repositories\n\nThis repository is the main repository of Apache Pulsar. Pulsar PMC also maintains other repositories for\ncomponents in the Pulsar ecosystem, including connectors, adapters, and other language clients.\n\n- [Pulsar Core](https://github.com/apache/pulsar)\n\n### Helm Chart\n\n- [Pulsar Helm Chart](https://github.com/apache/pulsar-helm-chart)\n\n### Ecosystem\n\n- [Pulsar Adapters](https://github.com/apache/pulsar-adapters)\n\n### Clients\n\n- [.NET/C# Client](https://github.com/apache/pulsar-dotpulsar)\n- [C++ Client](https://github.com/apache/pulsar-client-cpp)\n- [Go Client](https://github.com/apache/pulsar-client-go)\n- [NodeJS Client](https://github.com/apache/pulsar-client-node)\n- [Python Client](https://github.com/apache/pulsar-client-python)\n- [Reactive Java Client](https://github.com/apache/pulsar-client-reactive)\n\n### Dashboard \u0026 Management Tools\n\n- [Dekaf UI](https://github.com/visortelle/dekaf)\n- [Pulsar Manager](https://github.com/apache/pulsar-manager)\n\n### Website\n\n- [Pulsar Site](https://github.com/apache/pulsar-site)\n\n### CI/CD\n\n- [Pulsar CI](https://github.com/apache/pulsar-test-infra)\n\n### Archived/Halted\n\n- [Pulsar Connectors](https://github.com/apache/pulsar-connectors) (bundled as [pulsar-io](pulsar-io))\n- [Pulsar Translation](https://github.com/apache/pulsar-translation)\n- [Pulsar SQL (Pulsar Presto Connector)](https://github.com/apache/pulsar-presto) (bundled as [pulsar-sql](pulsar-sql))\n- [Ruby Client](https://github.com/apache/pulsar-client-ruby)\n\n## Pulsar Runtime Java Version Recommendation\n\n\u003e **Note**:\n\u003e\n\u003e When using Java versions, it is recommended to\n\u003e use [a recent version of a particular Java release (17 or 21)](https://adoptium.net/en-GB/temurin/releases?version=21\u0026os=linux\u0026arch=any)\n\u003e with the most recent bug fixes and security patches.\n\u003e For example, the JVM bug [JDK-8351933](https://bugs.openjdk.org/browse/JDK-8351933) can cause stability issues in\n\u003e Pulsar.\n\u003e [JDK-8351933](https://bugs.openjdk.org/browse/JDK-8351933) was fixed in Java 17.0.17+ and Java 21.0.8+.\n\u003e Pulsar Docker images come with the most recent Java version at the time of release.\n\nWhen using the Pulsar Java client, it is recommended to [set specific system properties and JVM options](https://pulsar.apache.org/docs/next/client-libraries-java-setup/#java-client-performance) to allow optimal performance.\n\n\n### pulsar ver \u003e= 4.1 and master branch\n\n| Component       | Java Version |\n|-----------------|:------------:|\n| Broker          |      21      |\n| Functions / IO  |      21      |\n| CLI             |   17 or 21   |\n| Java Client     |   17 or 21   |\n\nDocker image Java runtime: 21\n\n### 3.3 \u003c= pulsar ver \u003c= 4.0\n\n| Component       |  Java Version   |\n|-----------------|:---------------:|\n| Broker          |       21        |\n| Functions / IO  |       21        |\n| CLI             |    17 or 21     |\n| Java Client     | 8, 11, 17 or 21 |\n\nDocker image Java runtime: 21\n\n### 2.10 \u003c= pulsar ver \u003c= 3.0 \n\n| Component      | Java Version  |\n|----------------|:-------------:|\n| Broker         |      17       |\n| Functions / IO |      17       |\n| CLI            |      17       |\n| Java Client    | 8 or 11 or 17 |\n\nDocker image Java runtime: 17\n\n### 2.8 \u003c= pulsar ver \u003c= 2.10\n\n| Component       | Java Version |\n|-----------------|:------------:|\n| Broker          |      11      |\n| Functions / IO  |      11      |\n| CLI             |   8 or 11    |\n| Java Client     |   8 or 11    |\n\n### pulsar ver \u003c 2.8\n\n| Component   | Java Version |\n|-------------|:------------:|\n| All         |   8 or 11    |\n\n## Build Pulsar\n\n### Requirements\n\n- JDK\n\n    | Pulsar Version   |                                   JDK Version                                    |\n    |------------------|:--------------------------------------------------------------------------------:|\n    | master and 4.0+  | [JDK 21](https://adoptium.net/en-GB/temurin/releases?version=21\u0026os=any\u0026arch=any) | \n    | 2.11 +           | [JDK 17](https://adoptium.net/en-GB/temurin/releases?version=17\u0026os=any\u0026arch=any) |\n    | 2.8 / 2.9 / 2.10 | [JDK 11](https://adoptium.net/en-GB/temurin/releases?version=11\u0026os=any\u0026arch=any) |\n    | 2.7 -            |  [JDK 8](https://adoptium.net/en-GB/temurin/releases?version=8\u0026os=any\u0026arch=any)  |\n\n- Maven 3.9.9+\n- zip\n\nThere is also a guide for [setting up the tooling for building Pulsar](https://pulsar.apache.org/contribute/setup-buildtools/).\n\n\u003e **Note**:\n\u003e\n\u003e This project includes a [Maven Wrapper](https://maven.apache.org/wrapper/) that can be used instead of a system-installed Maven.\n\u003e Use it by replacing `mvn` by `./mvnw` on Linux and `mvnw.cmd` on Windows in the commands below.    \n\n### Build\n\nCompile and install:\n\n```bash\n$ mvn install -DskipTests\n```\n\nCompile and install individual module\n\n```bash\n$ mvn -pl module-name (e.g: pulsar-broker) install -DskipTests\n```\n\n### Minimal build (This skips most of external connectors and tiered storage handlers)\n\n```bash\nmvn install -Pcore-modules,-main -DskipTests\n```\n\nRun Unit Tests:\n\n```bash\n$ mvn test\n```\n\nRun Individual Unit Test:\n\n```bash\n$ mvn -pl module-name (e.g: pulsar-client) test -Dtest=unit-test-name (e.g: ConsumerBuilderImplTest)\n```\n\nRun Selected Test packages:\n\n```bash\n$ mvn test -pl module-name (for example, pulsar-broker) -Dinclude=org/apache/pulsar/**/*.java\n```\n\nStart standalone Pulsar service:\n\n```bash\n$ bin/pulsar standalone\n```\n\nCheck https://pulsar.apache.org for documentation and examples.\n\n## Build custom docker images\n\nThe commands used in the Apache Pulsar release process can be found in the [release process documentation](https://pulsar.apache.org/contribute/release-process/#stage-docker-images).\n\nHere are some general instructions for building custom docker images:\n\n* Docker images must be built with Java 8 for `branch-2.7` or previous branches because of [ISSUE-8445](https://github.com/apache/pulsar/issues/8445).\n* Java 11 is the recommended JDK version in `branch-2.8`, `branch-2.9` and `branch-2.10`.\n* Java 17 is the recommended JDK version in `branch-2.11`, `branch-3.0` and `branch-3.3`.\n* Java 21 is the recommended JDK version since `branch-4.0`.\n\nThe following command builds the docker images `apachepulsar/pulsar-all:latest` and `apachepulsar/pulsar:latest`:\n\n```bash\nmvn clean install -DskipTests\n# setting DOCKER_CLI_EXPERIMENTAL=enabled is required in some environments with older docker versions\nexport DOCKER_CLI_EXPERIMENTAL=enabled\nmvn package -Pdocker,-main -am -pl docker/pulsar-all -DskipTests\n```\n\nAfter the images are built, they can be tagged and pushed to your custom repository. Here's an example of a bash script that tags the docker images with the current version and git revision and pushes them to `localhost:32000/apachepulsar`.\n\n```bash\nimage_repo_and_project=localhost:32000/apachepulsar\npulsar_version=$(mvn initialize help:evaluate -Dexpression=project.version -pl . -q -DforceStdout)\ngitrev=$(git rev-parse HEAD | colrm 10)\ntag=\"${pulsar_version}-${gitrev}\"\necho \"Using tag $tag\"\ndocker tag apachepulsar/pulsar-all:latest ${image_repo_and_project}/pulsar-all:$tag\ndocker push ${image_repo_and_project}/pulsar-all:$tag\ndocker tag apachepulsar/pulsar:latest ${image_repo_and_project}/pulsar:$tag\ndocker push ${image_repo_and_project}/pulsar:$tag\n```\n\n## Setting up your IDE\n\nRead https://pulsar.apache.org/contribute/setup-ide for setting up IntelliJ IDEA or Eclipse for developing Pulsar.\n\n## Documentation\n\n\u003e **Note**:\n\u003e\n\u003e For how to make contributions to Pulsar documentation, see [Pulsar Documentation Contribution Guide](https://pulsar.apache.org/contribute/document-intro/).\n\n## Contact\n\n##### Mailing lists\n\n* The mailing lists are the primary contact for the Apache Pulsar project.\n* Your email to the mailing list might be placed in a moderation queue if you haven't joined the mailing list by subscribing before posting.\n\n\u003e **Note**\n\u003e\n\u003e Please note that security-related issues or concerns should not be reported in public channels.\n\u003e Follow the instructions in the [Security Policy](https://pulsar.apache.org/security/) to contact the [ASF Security Team](https://www.apache.org/security/) and the Apache Pulsar PMC directly.\n\n| Name                                                      | Scope                           | Subscribe                                             | Unsubscribe                                               | Archives                                                           |\n|:----------------------------------------------------------|:--------------------------------|:------------------------------------------------------|:----------------------------------------------------------|:-------------------------------------------------------------------|\n| [users@pulsar.apache.org](mailto:users@pulsar.apache.org) | User-related discussions        | [Subscribe](mailto:users-subscribe@pulsar.apache.org?subject=subscribe\u0026body=subscribe) | [Unsubscribe](mailto:users-unsubscribe@pulsar.apache.org?subject=unsubscribe\u0026body=unsubscribe) | [Archives](https://lists.apache.org/list.html?users@pulsar.apache.org) |\n| [dev@pulsar.apache.org](mailto:dev@pulsar.apache.org)     | Development-related discussions | [Subscribe](mailto:dev-subscribe@pulsar.apache.org?subject=subscribe\u0026body=subscribe)   | [Unsubscribe](mailto:dev-unsubscribe@pulsar.apache.org?subject=unsubscribe\u0026body=unsubscribe)   | [Archives](https://lists.apache.org/list.html?dev@pulsar.apache.org)   |\n\n##### Slack\n\nPulsar slack channel at https://apache-pulsar.slack.com/\n\nYou can self-register at https://communityinviter.com/apps/apache-pulsar/apache-pulsar\n\n## Security Policy\n\nIf you find a security issue with Pulsar then please [read the security policy](https://pulsar.apache.org/security/#security-policy). It is critical to avoid public disclosure.\n\n### Reporting a security vulnerability\n\nTo report a vulnerability for Pulsar, contact the [Apache Security Team](https://www.apache.org/security/). When reporting a vulnerability to [security@apache.org](mailto:security@apache.org), you can copy your email to [private@pulsar.apache.org](mailto:private@pulsar.apache.org) to send your report to the Apache Pulsar Project Management Committee. This is a private mailing list.\n\nhttps://github.com/apache/pulsar/security/policy contains more details.\n\n## License\n\nLicensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0\n\n## Crypto Notice\n\nThis distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See [The Wassenaar Arrangement](http://www.wassenaar.org/) for more information.\n\nThe U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms. The form and manner of this Apache Software Foundation distribution makes it eligible for export under the License Exception ENC Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations, Section 740.13) for both object code and source code.\n\nThe following provides more details on the included cryptographic software: Pulsar uses the SSL library from Bouncy Castle written by http://www.bouncycastle.org.\n","funding_links":[],"categories":["Java","Queues","_Table of Contents_","Data Ingestion","HarmonyOS","其他__大数据","⚙️ Data Engineering","Back-End Development","Streaming \u0026 Messaging","消息队列","大数据","Projects"],"sub_categories":["Vectors","On-Prem","Windows Manager","网络服务_其他","Tools","Message Broker"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fpulsar","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fpulsar","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fpulsar/lists"}