{"id":15442915,"url":"https://github.com/apache/qpid-proton","last_synced_at":"2026-03-05T22:08:02.067Z","repository":{"id":22960025,"uuid":"26309799","full_name":"apache/qpid-proton","owner":"apache","description":"Mirror of Apache Qpid Proton","archived":false,"fork":false,"pushed_at":"2026-02-10T21:38:17.000Z","size":16624,"stargazers_count":240,"open_issues_count":22,"forks_count":216,"subscribers_count":33,"default_branch":"main","last_synced_at":"2026-03-04T20:29:21.316Z","etag":null,"topics":["amqp","amqp-client","amqp-connection","amqp-messages","amqp10","amqps","apache","c","cpp","golang","library","messaging","python","python3","qpid","ruby"],"latest_commit_sha":null,"homepage":"https://qpid.apache.org/proton","language":"C++","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2014-11-07T08:00:07.000Z","updated_at":"2026-02-25T12:17:04.000Z","dependencies_parsed_at":"2023-10-20T14:37:50.797Z","dependency_job_id":"4f0d9489-6c81-4fab-b177-35b07227618c","html_url":"https://github.com/apache/qpid-proton","commit_stats":{"total_commits":4645,"total_committers":85,"mean_commits":54.64705882352941,"dds":0.7851453175457481,"last_synced_commit":"60ab050bd4da40fd845a0a329bb134bdb4e3903a"},"previous_names":[],"tags_count":113,"template":false,"template_full_name":null,"purl":"pkg:github/apache/qpid-proton","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fqpid-proton","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fqpid-proton/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fqpid-proton/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fqpid-proton/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/qpid-proton/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fqpid-proton/sbom","scorecard":{"id":201645,"data":{"date":"2025-08-11","repo":{"name":"github.com/apache/qpid-proton","commit":"b19fbee7fc03d8e14791382416105fd4aed7ddb7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.2,"checks":[{"name":"Maintained","score":5,"reason":"7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/apache/.github/.github/SECURITY.md:1","Info: Found linked content: github.com/apache/.github/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/apache/.github/.github/SECURITY.md:1","Info: Found text in security policy: github.com/apache/.github/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"11 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2013-9 / GHSA-4gv5-qhvr-36vv","Warn: Project is vulnerable to: PYSEC-2021-437 / GHSA-5xp3-jfq3-5q8x","Warn: Project is vulnerable to: PYSEC-2019-160 / GHSA-c5h8-cq4v-cvfm","Warn: Project is vulnerable to: PYSEC-2013-8 / GHSA-g3p5-fjj9-h8gj","Warn: Project is vulnerable to: PYSEC-2020-173 / GHSA-gpvv-69j7-gwj8","Warn: Project is vulnerable to: PYSEC-2023-228 / GHSA-mq26-g339-26xf","Warn: Project is vulnerable to: PYSEC-2013-22 / GHSA-27x4-j476-jp5f","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-cx63-2mw6-8hw5","Warn: Project is vulnerable to: PYSEC-2022-43012 / GHSA-r9hx-vwmv-q579","Warn: Project is vulnerable to: PYSEC-2022-43017 / GHSA-qwmp-2cf2-g9g6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found","Info: CLibFuzzer integration found: c/tests/fuzz/StandaloneFuzzTargetMain.c:10","Info: CLibFuzzer integration found: c/tests/fuzz/StandaloneFuzzTargetMain.c:107","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-connection-driver.c:62","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-connection-driver.c:64","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-connection-driver.c:102","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-message-decode.c:28","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-proactor-receive.c:336","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-sniff-header.c:29","Info: CLibFuzzer integration found: c/tests/fuzz/fuzz-url.c:32"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/qpid-proton/build.yml/main?enable=pin","Warn: containerImage not pinned by hash: c/tests/fuzz/Dockerfile:17","Warn: pipCommand not pinned by hash: .github/workflows/build.yml:45","Warn: pipCommand not pinned by hash: .github/workflows/build.yml:46","Info:   0 out of   7 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-16T22:56:09.994Z","repository_id":22960025,"created_at":"2025-08-16T22:56:09.994Z","updated_at":"2025-08-16T22:56:09.994Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30152073,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T21:15:50.531Z","status":"ssl_error","status_checked_at":"2026-03-05T21:15:11.173Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amqp","amqp-client","amqp-connection","amqp-messages","amqp10","amqps","apache","c","cpp","golang","library","messaging","python","python3","qpid","ruby"],"created_at":"2024-10-01T19:31:33.632Z","updated_at":"2026-03-05T22:08:02.018Z","avatar_url":"https://github.com/apache.png","language":"C++","readme":"Qpid Proton - AMQP messaging toolkit\n====================================\n\n[Qpid Proton](https://qpid.apache.org/proton) is a high-performance, lightweight\nmessaging library. It can be used in the widest range of messaging applications,\nincluding brokers, client libraries, routers, bridges, proxies, and more.\nProton makes it trivial to integrate with the AMQP 1.0 ecosystem from any\nplatform, environment, or language.\n\nFeatures\n--------\n\n  - A flexible and capable reactive messaging API\n  - Full control of AMQP 1.0 protocol semantics\n  - Portable C implementation with bindings to popular languages\n  - Peer-to-peer and brokered messaging\n  - Secure communication via SSL/TLS and SASL\n\nUniversal - Proton is designed to scale both up and down. Equally suitable for\nsimple clients or high-powered servers, it can be deployed in simple\npeer-to-peer configurations or as part of a global federated messaging network.\n\nEmbeddable - Proton is carefully written to be portable and cross platform. It\nhas minimal dependencies, and it is architected to be usable with any threading\nmodel, as well as with non-threaded applications. These features make it\nuniquely suited for embedding messaging capabilities into existing software.\n\nStandard - Built around the AMQP 1.0 messaging standard, Proton is not only\nideal for building out your own messaging applications but also for connecting\nthem to the broader ecosystem of AMQP 1.0-based messaging applications.\n\nPlease see [https://qpid.apache.org/proton](https://qpid.apache.org/proton)\nfor more information.\n\nGetting Started\n---------------\n\nSee the included [INSTALL.md](INSTALL.md) file for build and install\ninstructions and the [developers.md](docs/developers.md) file for\ninformation on how to modify and test the library code itself.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fqpid-proton","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fqpid-proton","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fqpid-proton/lists"}