{"id":13401586,"url":"https://github.com/apereo/cas","last_synced_at":"2026-04-25T23:06:40.389Z","repository":{"id":37664221,"uuid":"2352744","full_name":"apereo/cas","owner":"apereo","description":"Apereo CAS - Identity \u0026 Single Sign On for all earthlings and beyond.","archived":false,"fork":false,"pushed_at":"2026-02-17T09:57:33.000Z","size":323829,"stargazers_count":11290,"open_issues_count":9,"forks_count":3963,"subscribers_count":585,"default_branch":"master","last_synced_at":"2026-02-17T10:51:57.277Z","etag":null,"topics":["authentication","authorization","aws","duosecurity","fido","identity-provider","java","ldap-authentication","mfa","oauth2","open-source","openidconnect","saml2","spring-boot","spring-cloud","spring-framework","spring-webflow","sso","sso-authentication","websso"],"latest_commit_sha":null,"homepage":"https://apereo.github.io/cas/","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apereo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":"support/build.gradle","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":["https://www.apereo.org/content/apereo-membership"]}},"created_at":"2011-09-09T01:36:42.000Z","updated_at":"2026-02-17T09:02:31.000Z","dependencies_parsed_at":"2023-10-20T17:31:23.977Z","dependency_job_id":"f4631c03-8d24-4452-aa73-995cd1e6146c","html_url":"https://github.com/apereo/cas","commit_stats":{"total_commits":23034,"total_committers":354,"mean_commits":65.0677966101695,"dds":"0.15850481896327173","last_synced_commit":"7807b8aa2a62e01ab14a1fb331030380128d1ef9"},"previous_names":["jasig/cas"],"tags_count":374,"template":false,"template_full_name":null,"purl":"pkg:github/apereo/cas","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apereo%2Fcas","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apereo%2Fcas/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apereo%2Fcas/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apereo%2Fcas/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apereo","download_url":"https://codeload.github.com/apereo/cas/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apereo%2Fcas/sbom","scorecard":{"id":71050,"data":{"date":"2025-08-11","repo":{"name":"github.com/apereo/cas","commit":"0f0b942794565e0263494fffea3fda8059ddf935"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.2,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/27 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v7.2.5 not signed: https://api.github.com/repos/apereo/cas/releases/235076538","Warn: release artifact v7.3.0-RC3 not signed: https://api.github.com/repos/apereo/cas/releases/233900140","Warn: release artifact v7.2.5 does not have provenance: https://api.github.com/repos/apereo/cas/releases/235076538","Warn: release artifact v7.3.0-RC3 does not have provenance: https://api.github.com/repos/apereo/cas/releases/233900140"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/analysis.yml:91","Info: jobLevel 'contents' permission set to 'read': .github/workflows/analysis.yml:92","Warn: no topLevel permission defined: .github/workflows/analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/dependencies.yml:27","Warn: no topLevel permission defined: .github/workflows/functional-tests.yml:1","Warn: no topLevel permission defined: .github/workflows/native-tests.yml:1","Warn: no topLevel permission defined: .github/workflows/performance.yml:1","Warn: no topLevel permission defined: .github/workflows/publish-docs.yml:1","Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/reruns.yml:1","Info: found token with 'none' permissions: .github/workflows/stale-pullrequests.yml:7","Warn: no topLevel permission defined: .github/workflows/tests.yml:1","Warn: no topLevel permission defined: .github/workflows/validation.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":7,"reason":"binaries present in source code","details":["Warn: binary detected: etc/jwk-gen.jar:1","Warn: binary detected: gradle/wrapper/gradle-wrapper.jar:1","Warn: binary detected: support/cas-server-support-spnego/lib/jcifs-ext.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 13 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/actuator-endpoint-login-jdbc/init.sh:7","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/actuator-endpoint-login-jdbc/init.sh:8","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/actuator-endpoint-login-jdbc/init.sh:11","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/actuator-endpoint-login-jdbc/init.sh:12","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/configuration-properties-jdbc/init.sh:11","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: ci/tests/puppeteer/scenarios/configuration-properties-jdbc/init.sh:12","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/analysis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/dependencies.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:242: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-tests.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/functional-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:200: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:239: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/native-tests.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/native-tests.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/native-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/performance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish-docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale-pullrequests.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/stale-pullrequests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validation.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/validation.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/apereo/cas/validation.yml/master?enable=pin","Warn: containerImage not pinned by hash: ci/tests/gcp/Dockerfile:1: pin your Docker image by updating gcr.io/google.com/cloudsdktool/google-cloud-cli:533.0.0-alpine to gcr.io/google.com/cloudsdktool/google-cloud-cli:533.0.0-alpine@sha256:b219424813721ddeebaf1924a6663dbf18b1e46301c05907540d53485732bd26","Warn: containerImage not pinned by hash: ci/tests/postgres/Dockerfile:1: pin your Docker image by updating library/postgres:17 to library/postgres:17@sha256:0d5b8e334c933cec2fb09b4b6489fb7fb83a0c63cf7ded3528d8b6a8d5cddf4f","Warn: containerImage not pinned by hash: ci/tests/puppeteer/docker/Dockerfile:2","Warn: containerImage not pinned by hash: ci/tests/puppeteer/scenarios/oidc-login-strapi/strapi/Dockerfile:1: pin your Docker image by updating node:20 to node:20@sha256:5fe79eb196c563d65d0db21fa5cd5e170ef0869541ddc89808d7431a5a4498e6","Warn: npmCommand not pinned by hash: ci/docs/publish.sh:305","Warn: npmCommand not pinned by hash: ci/tests/perf/perftests-artillery.sh:129","Warn: pipCommand not pinned by hash: ci/tests/perf/perftests-locust.sh:72","Warn: pipCommand not pinned by hash: ci/tests/perf/perftests-locust.sh:78","Warn: pipCommand not pinned by hash: ci/tests/perf/perftests-locust.sh:81","Warn: npmCommand not pinned by hash: ci/tests/puppeteer/run.sh:493","Info:   0 out of 100 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  70 third-party GitHubAction dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned","Info:   0 out of   3 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-15T03:49:30.581Z","repository_id":37664221,"created_at":"2025-08-15T03:49:30.581Z","updated_at":"2025-08-15T03:49:30.581Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29641937,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-20T03:21:14.183Z","status":"ssl_error","status_checked_at":"2026-02-20T03:18:24.455Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","aws","duosecurity","fido","identity-provider","java","ldap-authentication","mfa","oauth2","open-source","openidconnect","saml2","spring-boot","spring-cloud","spring-framework","spring-webflow","sso","sso-authentication","websso"],"created_at":"2024-07-30T19:01:04.401Z","updated_at":"2026-02-20T05:05:11.573Z","avatar_url":"https://github.com/apereo.png","language":"Java","readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://github.com/user-attachments/assets/c2daa28c-cdfb-42a7-8333-db967cc3cce7\"\u003e\n\u003c/p\u003e\n\n# Central Authentication Service (CAS)\n\n[![License](https://img.shields.io/hexpm/l/plug.svg?style=for-the-badge\u0026logo=apache)](https://github.com/apereo/cas/blob/master/LICENSE)\n[![Slack](https://img.shields.io/badge/Slack-join%20chat-blue.svg?style=for-the-badge\u0026logo=slack)][casslack]\n[![Support](https://img.shields.io/badge/Support-Mailing%20Lists-green.svg?colorB=ff69b4\u0026style=for-the-badge)][cassupport]\n\n## Introduction\n\nWelcome to the home of the [Central Authentication Service project][apereocas], more commonly referred to as CAS. CAS is an\nenterprise multilingual identity provider and single sign-on solution for the web and attempts to \nbe a comprehensive platform for your authentication and authorization needs.\n\nCAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server\ncomponent by the same name hosted here, with support for a plethora of additional authentication protocols and features such a SAML2, OpenID Connect, MFA \nand many many more.\n\n## Contributions\n\n[![Contributing Guide](https://img.shields.io/badge/Contributions-guide-green.svg?style=for-the-badge\u0026logo=github)][contribute]\n[![Open Pull Requests](https://img.shields.io/github/issues-pr/apereo/cas.svg?style=for-the-badge\u0026logo=github)][contribute]\n\n- [How to contribute][contribute]\n\nIf you have already identified an enhancement or a bug, it is STRONGLY recommended that you submit a pull request to address the case.\nThere is no need for special ceremony to create separate issues. The pull request IS the issue and it will be tracked and tagged as such.\n\n\u003ca href=\"https://github.com/apereo/cas/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=apereo/cas\" alt=\"Contributors\"/\u003e\n\u003c/a\u003e\n\n## Documentation [![Javadoc](https://img.shields.io/badge/Documentation-Javadoc-ff69b4.svg?style=for-the-badge\u0026logo=readme)][casjavadocs]\n\n| Version                                                                                    | Reference                                        |\n|--------------------------------------------------------------------------------------------|--------------------------------------------------|\n| ![](https://img.shields.io/badge/Development-WIP-blue.svg?style=for-the-badge\u0026logo=github) | [Link](https://apereo.github.io/cas/development) |\n| ![](https://img.shields.io/badge/7.2.x-Current-green.svg?style=for-the-badge\u0026logo=github)  | [Link](https://apereo.github.io/cas/7.2.x)       |\n| ![](https://img.shields.io/badge/7.1.x-Current-green.svg?style=for-the-badge\u0026logo=github)  | [Link](https://apereo.github.io/cas/7.1.x)       |\n\nAdditional resources are available as follows:\n\n- [Apereo Blog][blog]\n- [Release Notes][releasenotes]\n- [Support][cassupport]\n- [Maintenance Policy][maintenance]\n- [Release Schedule][releaseschedule]\n\n## Getting Started\n\n[![Maven Central](https://img.shields.io/maven-central/v/org.apereo.cas/cas-server-webapp?style=for-the-badge\u0026logo=apachemaven)][casmavencentral]\n[![GitHub Releases](https://img.shields.io/github/release/apereo/cas.svg?style=for-the-badge\u0026logo=github)][githubreleases]\n\nIt is recommended to deploy CAS locally using the [WAR Overlay method][overlay]. Cloning or downloading the CAS codebase\nis **ONLY** required if you wish to contribute to the development of the project.\n\nWe recommend that you review [this page][gettingstarted] to get started with your CAS deployment.\n\n## Features\n\nThe following features are supported by the CAS project:\n\n* CAS v1, v2 and v3 Protocol\n* SAML v1 and v2 Protocol\n* OAuth v2 Protocol\n* OpenID Connect Protocol\n* WS-Federation Passive Requestor Protocol\n* Authentication via JAAS, LDAP, RDBMS, X.509, Radius, SPNEGO, JWT, Remote, Apache Cassandra, Trusted, BASIC, MongoDB and more.\n* Delegated (social) authentication to external identity providers such as WS-FED, SAML2, OpenID Connect, OAuth CAS and more.\n* Authorization via Heimdall, OpenFGA, OPA, ABAC, Time/Date, REST, Internet2's Grouper and more.\n* HA clustered deployments via Hazelcast, JPA, Hazelcast, Memcached, Apache Ignite, MongoDB, Redis, DynamoDb, and more.\n* Application registration backed by JSON, LDAP, YAML, Google Cloud, JPA, MongoDB, DynamoDb, Redis and more.\n* Multifactor authentication via Duo Security, Simple MFA, YubiKey, RSA, Google Authenticator, WebAuthn FIDO2 and more.\n* Administrative UIs to manage logging, monitoring, statistics, configuration, client registration and more.\n* Email and SMS notification options via Twilio, Mailgun, SendGrid, Amazon SES and more.\n* User attribute consent and management via LDAP, RDBMS, MongoDB, DynamoDb and more.\n* Global and per-application user interface theme and branding.\n* Password management and password policy enforcement.\n* Integration options with Apache Syncope, SCIM, Swagger, Shibboleth IdP, Keycloak, Okta, and more.\n* Deployment options using Apache Tomcat, Jetty, Undertow, packaged and running as Docker containers.\n\nThe foundations of CAS are built upon: [Spring Boot][springboot] and\n[Spring Cloud][springcloud].\n\n## Development [![Revved up by Develocity](https://img.shields.io/badge/Revved%20up%20by-Develocity-06A0CE?logo=Gradle\u0026labelColor=02303A)][devlocity] [![codecov](https://codecov.io/gh/apereo/cas/branch/master/graph/badge.svg?style=for-the-badge)][cascodecov]\n\n- To build the project locally, please follow [this guide][casbuildprocess].\n- The release schedule is [available here][releaseschedule].\n\n## Support\n\nApereo CAS is 100% free open source software managed by [Apereo](https://www.apereo.org/), licensed under [Apache v2](LICENSE). Our\ncommunity has access to all releases of the CAS software with absolutely no costs. We welcome contributions from our community of all\ntypes and sizes. The time and effort to develop and maintain this project is dedicated by a group\nof [volunteers and contributors][githubcontributors]. \nIf you (or your employer) benefit from this project, please consider becoming a [Friend of Apereo](https://www.apereo.org/friends) and contribute.\n\nCommercial support options may be [found here][cassupport].\n\n[cascodecov]: https://codecov.io/gh/apereo/cas\n[devlocity]: https://develocity.apereo.org\n[maintenance]: https://apereo.github.io/cas/developer/Maintenance-Policy.html\n[releaseschedule]: https://github.com/apereo/cas/milestones\n[wiki]: https://apereo.github.io/cas\n[githubreleases]: https://github.com/apereo/cas/releases\n[gettingstarted]: https://apereo.github.io/cas/development/planning/Getting-Started.html\n[overlay]: https://apereo.github.io/cas/development/installation/WAR-Overlay-Installation.html\n[contribute]: https://apereo.github.io/cas/developer/Contributor-Guidelines.html\n[cassonatype]: https://oss.sonatype.org/content/repositories/snapshots/org/apereo/cas/\n[casmavencentral]: https://search.maven.org/search?q=g:org.apereo.cas\n[releasenotes]: https://github.com/apereo/cas/releases\n[cassupport]: https://apereo.github.io/cas/Support.html\n[casslack]: https://apereo.slack.com/\n[blog]: https://apereo.github.io/\n[casbuildprocess]: https://apereo.github.io/cas/developer/Build-Process.html\n[githubcontributors]: https://github.com/apereo/cas/graphs/contributors\n[casjavadocs]: https://www.javadoc.io/doc/org.apereo.cas\n[apereocas]: https://www.apereo.org/projects/cas\n[springboot]: https://projects.spring.io/spring-boot/\n[springcloud]: https://projects.spring.io/spring-cloud/\n","funding_links":["https://www.apereo.org/content/apereo-membership"],"categories":["Java","授权、认证","Java (78)","后端开发框架及项目","安全","`Authentication`","aws","Authentication","Tooling— Authentication and Authorization"],"sub_categories":["单点登录(SSO)","管理面板","`SSO (Single-Sign-On)`","SSO"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapereo%2Fcas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapereo%2Fcas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapereo%2Fcas/lists"}