{"id":13688265,"url":"https://github.com/bacalhau-project/bacalhau","last_synced_at":"2026-03-17T21:38:43.096Z","repository":{"id":37037530,"uuid":"424996787","full_name":"bacalhau-project/bacalhau","owner":"bacalhau-project","description":"Community-driven, simple, yet powerful framework for fast, cost-effective distributed Compute over Data.","archived":false,"fork":false,"pushed_at":"2026-03-06T02:33:39.000Z","size":198827,"stargazers_count":851,"open_issues_count":82,"forks_count":102,"subscribers_count":25,"default_branch":"main","last_synced_at":"2026-03-08T14:11:12.463Z","etag":null,"topics":["ai-art","ai-data-collection","ai-pipeline","batch-processing","bioinformatics-pipeline","data-analysis","data-engineering","data-science","decentralized","decentralized-computing","distributed","gene-sequencing","insulators","iot","logging-framework","orchestration-framework","p2p","video-processing"],"latest_commit_sha":null,"homepage":"https://docs.bacalhau.org","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bacalhau-project.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-11-05T15:30:29.000Z","updated_at":"2026-03-03T19:34:17.000Z","dependencies_parsed_at":"2023-10-02T11:42:51.682Z","dependency_job_id":"aa1858c5-a307-4e79-8dc3-0e6533076572","html_url":"https://github.com/bacalhau-project/bacalhau","commit_stats":{"total_commits":4075,"total_committers":76,"mean_commits":53.61842105263158,"dds":0.8017177914110429,"last_synced_commit":"067717d3aa8a460e4ad5676bbbd0d11c9ec81ce5"},"previous_names":["filecoin-project/bacalhau"],"tags_count":270,"template":false,"template_full_name":null,"purl":"pkg:github/bacalhau-project/bacalhau","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bacalhau-project%2Fbacalhau","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bacalhau-project%2Fbacalhau/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bacalhau-project%2Fbacalhau/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bacalhau-project%2Fbacalhau/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bacalhau-project","download_url":"https://codeload.github.com/bacalhau-project/bacalhau/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bacalhau-project%2Fbacalhau/sbom","scorecard":{"id":222463,"data":{"date":"2025-08-11","repo":{"name":"github.com/bacalhau-project/bacalhau","commit":"942823bbb893e9dfeedca16bd151e2f15228a198"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.5,"checks":[{"name":"Code-Review","score":8,"reason":"Found 8/10 approved changesets -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/_docker_publish.yml:22","Info: jobLevel 'contents' permission set to 'read': .github/workflows/_s3_publish.yml:36","Warn: no topLevel permission defined: .github/workflows/_build.yml:1","Warn: no topLevel permission defined: .github/workflows/_docker_publish.yml:1","Warn: no topLevel permission defined: .github/workflows/_s3_publish.yml:1","Warn: no topLevel permission defined: .github/workflows/_static-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/_test.yml:1","Warn: no topLevel permission defined: .github/workflows/_test_container.yml:1","Warn: no topLevel permission defined: .github/workflows/_test_coverage.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:10","Info: topLevel 'actions' permission set to 'read': .github/workflows/main.yml:11","Warn: topLevel 'packages' permission set to 'write': .github/workflows/main.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr-checks.yml:8","Info: topLevel 'actions' permission set to 'read': .github/workflows/pr-checks.yml:9","Warn: topLevel 'checks' permission set to 'write': .github/workflows/pr-checks.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:18","Info: topLevel 'actions' permission set to 'read': .github/workflows/release.yml:19","Warn: topLevel 'packages' permission set to 'write': .github/workflows/release.yml:20","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is not required on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.7.0 not signed: https://api.github.com/repos/bacalhau-project/bacalhau/releases/207869608","Warn: release artifact v1.7.0-rc2 not signed: https://api.github.com/repos/bacalhau-project/bacalhau/releases/207856936","Warn: release artifact v1.7.0-rc1 not signed: https://api.github.com/repos/bacalhau-project/bacalhau/releases/206853105","Warn: release artifact v1.6.5 not signed: https://api.github.com/repos/bacalhau-project/bacalhau/releases/204599733","Warn: release artifact v1.7.0 does not have provenance: https://api.github.com/repos/bacalhau-project/bacalhau/releases/207869608","Warn: release artifact v1.7.0-rc2 does not have provenance: https://api.github.com/repos/bacalhau-project/bacalhau/releases/207856936","Warn: release artifact v1.7.0-rc1 does not have provenance: https://api.github.com/repos/bacalhau-project/bacalhau/releases/206853105","Warn: release artifact v1.6.5 does not have provenance: https://api.github.com/repos/bacalhau-project/bacalhau/releases/204599733"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: invalid parameter name: ops/images/build_container/DOCKERFILE:2","Info: Possibly incomplete results: error parsing shell code: invalid parameter name: ops/images/build_container/DOCKERFILE:3","Info: Possibly incomplete results: error parsing shell code: \"done\" can only be used to end a loop: benchmark/submit.sh:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_build.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_build.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_docker_publish.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_docker_publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_s3_publish.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_s3_publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_s3_publish.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_s3_publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_s3_publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_s3_publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_static-analysis.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_static-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_static-analysis.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_static-analysis.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_static-analysis.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_static-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_test.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_container.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_container.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_container.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/_test_container.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_container.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_coverage.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_coverage.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_coverage.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_coverage.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test_coverage.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/bacalhau-project/bacalhau/_test_coverage.yml/main?enable=pin","Warn: containerImage not pinned by hash: docker-compose-deployment/Dockerfile-ClientNode:2: pin your Docker image by updating docker:dind to docker:dind@sha256:c0872aae4791ff427e6eda52769afa04f17b5cf756f8267e0d52774c99d5c9de","Warn: containerImage not pinned by hash: docker-compose-deployment/Dockerfile-ComputeNode:2: pin your Docker image by updating docker:dind to docker:dind@sha256:c0872aae4791ff427e6eda52769afa04f17b5cf756f8267e0d52774c99d5c9de","Warn: containerImage not pinned by hash: docker-compose-deployment/Dockerfile-DockerImageRegistryNode:1: pin your Docker image by updating registry:2 to registry:2@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373","Warn: containerImage not pinned by hash: docker-compose-deployment/Dockerfile-RequesterNode:2: pin your Docker image by updating docker:dind to docker:dind@sha256:c0872aae4791ff427e6eda52769afa04f17b5cf756f8267e0d52774c99d5c9de","Warn: containerImage not pinned by hash: docker/bacalhau-base/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: docker/bacalhau-dind/Dockerfile:1: pin your Docker image by updating docker:dind to docker:dind@sha256:c0872aae4791ff427e6eda52769afa04f17b5cf756f8267e0d52774c99d5c9de","Warn: containerImage not pinned by hash: docker/ignite-image/Dockerfile:1: pin your Docker image by updating weaveworks/ignite-ubuntu to weaveworks/ignite-ubuntu@sha256:11550e0912d24aeaad847f06fdf2133302f2af2fd2ce231723d078ffce9216ba","Warn: containerImage not pinned by hash: integration/flyte/plugins/Dockerfile:1: pin your Docker image by updating python:3.8-slim-buster to python:3.8-slim-buster@sha256:8799b0564103a9f36cfb8a8e1c562e11a9a6f2e3bb214e2adc23982b36a04511","Warn: containerImage not pinned by hash: integration/flyte/plugins/flytekit-bacalhau/examples/Dockerfile:1: pin your Docker image by updating python:3.8-slim-buster to python:3.8-slim-buster@sha256:8799b0564103a9f36cfb8a8e1c562e11a9a6f2e3bb214e2adc23982b36a04511","Warn: containerImage not pinned by hash: ops/images/build_container/DOCKERFILE:1: pin your Docker image by updating golang:1.18.3-buster to golang:1.18.3-buster@sha256:7acdbec4276ce3c8915ffa03148bd4b41dfb46a190fd1242e9df5b11061d282d","Warn: containerImage not pinned by hash: pkg/executor/docker/gateway/Dockerfile:32: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-ComputeNode:2: pin your Docker image by updating docker:dind to docker:dind@sha256:c0872aae4791ff427e6eda52769afa04f17b5cf756f8267e0d52774c99d5c9de","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-DockerImageRegistryNode:1: pin your Docker image by updating registry:2 to registry:2@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-JumpboxNode:2: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-OrchestratorNode:2: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-TraefikNode:2: pin your Docker image by updating traefik:3.2 to traefik:3.2@sha256:e561a37f8710d9cf41c78bdf421d822b2c0b48267ec0552e644565fb55466ea9","Warn: containerImage not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-UbuntuOrchestratorNode:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: downloadThenRun not pinned by hash: docker-compose-deployment/Dockerfile-ClientNode:20","Warn: downloadThenRun not pinned by hash: docker-compose-deployment/Dockerfile-ComputeNode:20","Warn: downloadThenRun not pinned by hash: docker-compose-deployment/Dockerfile-RequesterNode:20","Warn: pipCommand not pinned by hash: docker/ignite-image/Dockerfile:2-4","Warn: pipCommand not pinned by hash: integration/flyte/plugins/Dockerfile:10","Warn: pipCommand not pinned by hash: integration/flyte/plugins/flytekit-bacalhau/examples/Dockerfile:8","Warn: downloadThenRun not pinned by hash: test_integration/common_assets/dockerfiles/Dockerfile-JumpboxNode:11","Warn: pipCommand not pinned by hash: ops/install_pre_commit.sh:2","Warn: downloadThenRun not pinned by hash: ops/marketplace-tf/modules/instance_files/install-bacalhau.sh:25","Warn: downloadThenRun not pinned by hash: ops/marketplace-tf/modules/instance_files/install-bacalhau.sh:138","Warn: pipCommand not pinned by hash: ops/repo_init.sh:2","Warn: pipCommand not pinned by hash: ops/repo_init.sh:3","Warn: downloadThenRun not pinned by hash: ops/terraform/remote_files/scripts/install-node.sh:44","Warn: downloadThenRun not pinned by hash: ops/terraform/remote_files/scripts/install-node.sh:128","Warn: goCommand not pinned by hash: scripts/generate_swagger.sh:15","Warn: downloadThenRun not pinned by hash: scripts/testing-setup/build-ami/scripts/setup_node.sh:12","Warn: pipCommand not pinned by hash: .github/workflows/_static-analysis.yml:47","Warn: goCommand not pinned by hash: .github/workflows/_test.yml:87","Warn: goCommand not pinned by hash: .github/workflows/_test_container.yml:81","Warn: goCommand not pinned by hash: .github/workflows/_test_coverage.yml:36","Info:   0 out of  17 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   9 third-party GitHubAction dependencies pinned","Info:   0 out of  17 containerImage dependencies pinned","Info:   0 out of   9 downloadThenRun dependencies pinned","Info:   0 out of   7 pipCommand dependencies pinned","Info:   0 out of   4 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"85 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-cx63-2mw6-8hw5","Warn: Project is vulnerable to: PYSEC-2022-43012 / GHSA-r9hx-vwmv-q579","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2023-207 / GHSA-gwvm-45gx-3cf8","Warn: Project is vulnerable to: PYSEC-2019-133 / GHSA-mh33-7rrq-662w","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2019-132 / GHSA-r64q-w8jr-g9qp","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2020-148 / GHSA-wqvq-5m8c-6g24","Warn: Project is vulnerable to: PYSEC-2018-32 / GHSA-www2-v7xj-xrc6","Warn: Project is vulnerable to: PYSEC-2021-108","Warn: Project is vulnerable to: PYSEC-2020-92 / GHSA-hj5v-574p-mj7c","Warn: Project is vulnerable to: PYSEC-2022-42969","Warn: Project is vulnerable to: GO-2025-3829","Warn: Project is vulnerable to: GO-2025-3553 / GHSA-mh63-6h87-95cp","Warn: Project is vulnerable to: GO-2024-3218","Warn: Project is vulnerable to: GO-2024-3141 / GHSA-c77r-fh37-x2px","Warn: Project is vulnerable to: GO-2025-3660 / GHSA-6m8w-jc87-6cr7","Warn: Project is vulnerable to: GO-2024-2978 / GHSA-xr7q-jx4m-x55m","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: GHSA-5r62-mjf5-xwhj","Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6","Warn: Project is vulnerable to: PYSEC-2024-230 / GHSA-248v-346w-9cwc","Warn: Project is vulnerable to: GHSA-3ww4-gg4f-jr7f","Warn: Project is vulnerable to: PYSEC-2024-225 / GHSA-6vqw-3v5j-54x4","Warn: Project is vulnerable to: GHSA-9v9h-cgj8-h64p","Warn: Project is vulnerable to: GHSA-h4gh-qq45-vh27","Warn: Project is vulnerable to: GHSA-99pm-ch96-ccp2","Warn: Project is vulnerable to: GHSA-fw5r-6m3x-rh7p","Warn: Project is vulnerable to: PYSEC-2025-15 / GHSA-p8q5-cvwx-wvwp","Warn: Project is vulnerable to: GHSA-hc5x-x2vx-497g","Warn: Project is vulnerable to: PYSEC-2023-117","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-jfmj-5v4g-7637","Warn: Project is vulnerable to: PYSEC-2023-120 / GHSA-45c4-8wx5-qw6w","Warn: Project is vulnerable to: PYSEC-2024-24 / GHSA-5h86-8mv2-jq9f","Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84","Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g","Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr","Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2","Warn: Project is vulnerable to: PYSEC-2023-246 / GHSA-gfw2-4jvh-wgfg","Warn: Project is vulnerable to: GHSA-pjjw-qhg8-p2p9","Warn: Project is vulnerable to: PYSEC-2023-250 / GHSA-q3qx-c6g2-7pw2","Warn: Project is vulnerable to: PYSEC-2023-251 / GHSA-qvrw-v9rv-5rjx","Warn: Project is vulnerable to: GHSA-m5vv-6r4h-3vj9","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: GHSA-5cpq-8wj7-hf2v","Warn: Project is vulnerable to: PYSEC-2023-254 / GHSA-jfhm-5ghh-2f97","Warn: Project is vulnerable to: GHSA-jm77-qphf-c4w8","Warn: Project is vulnerable to: GHSA-v8gr-m533-ghj9","Warn: Project is vulnerable to: PYSEC-2024-4 / GHSA-2mqj-m65w-jghx","Warn: Project is vulnerable to: PYSEC-2023-165 / GHSA-cwvm-v4w8-q58c","Warn: Project is vulnerable to: PYSEC-2023-161 / GHSA-wfm5-v35h-vwf4","Warn: Project is vulnerable to: GHSA-496j-2rq6-j6cc","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: GHSA-8qvm-5x2c-j2w7","Warn: Project is vulnerable to: PYSEC-2023-238 / GHSA-5wvp-7f3h-6wmm","Warn: Project is vulnerable to: PYSEC-2024-161","Warn: Project is vulnerable to: GHSA-j225-cvw7-qrx7","Warn: Project is vulnerable to: PYSEC-2024-187 / GHSA-rqc4-2hc7-8c8v","Warn: Project is vulnerable to: GHSA-8gq9-2x98-w8hf","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-79v4-65xg-pq4g","Warn: Project is vulnerable to: GO-2025-3412 / GHSA-36gq-35j3-p9r9","Warn: Project is vulnerable to: GO-2025-3527 / GHSA-m4gq-fm9h-8q75","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-gp8f-8m3g-qvj9","Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f","Warn: Project is vulnerable to: GHSA-7m27-7ghc-44w9","Warn: Project is vulnerable to: GHSA-qpjv-v59x-3qc4","Warn: Project is vulnerable to: GHSA-f82v-jwr5-mffw","Warn: Project is vulnerable to: GHSA-3h52-269p-cp9r","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T02:54:55.407Z","repository_id":37037530,"created_at":"2025-08-17T02:54:55.408Z","updated_at":"2025-08-17T02:54:55.408Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30632136,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-17T17:32:55.572Z","status":"ssl_error","status_checked_at":"2026-03-17T17:32:38.732Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-art","ai-data-collection","ai-pipeline","batch-processing","bioinformatics-pipeline","data-analysis","data-engineering","data-science","decentralized","decentralized-computing","distributed","gene-sequencing","insulators","iot","logging-framework","orchestration-framework","p2p","video-processing"],"created_at":"2024-08-02T15:01:10.119Z","updated_at":"2026-03-17T21:38:43.071Z","avatar_url":"https://github.com/bacalhau-project.png","language":"Go","funding_links":[],"categories":["Go","data-science","Web 3.0"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/bacalhau-project/bacalhau\"\u003e\n    \u003cimg src=\"./docs/logo/Bacalhau-horizontal.svg\" alt=\"Bacalhau\" width=\"300\"/\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eGlobally Distributed Compute Orchestrator ⚡\u003cbr\u003eCompute Over Data (CoD)\u003c/h1\u003e\n\u003cbr\u003e\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/bacalhau-project/bacalhau/blob/main/LICENSE\" alt=\"License\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/license-Apache-green\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/bacalhau-project/bacalhau/releases/\" alt=\"Release\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/v/release/bacalhau-project/bacalhau?display_name=tag\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/bacalhau-project/bacalhau/pulse\" alt=\"Activity\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/commit-activity/m/bacalhau-project/bacalhau\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/bacalhau-project/bacalhau/graphs/contributors\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/contributors/bacalhau-project/bacalhau\" alt=\"Bacalhau contributors\" \u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://www.bacalhau.org/\"\u003e\n        \u003cimg alt=\"Bacalhau website\" src=\"https://img.shields.io/badge/website-bacalhau.org-red\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://bit.ly/bacalhau-project-slack\" alt=\"Slack\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/slack-join_community-red.svg?color=0052FF\u0026labelColor=090422\u0026logo=slack\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://twitter.com/intent/follow?screen_name=BacalhauProject\"\u003e\n        \u003cimg src=\"https://img.shields.io/twitter/follow/BacalhauProject?style=social\u0026logo=twitter\" alt=\"follow on Twitter\"\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/main.yml\"\u003e\n    \u003cimg src=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/main.yml/badge.svg\" alt=\"Main Workflow\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/release.yml\"\u003e\n    \u003cimg src=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/release.yml/badge.svg\" alt=\"Release Workflow\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/pr-checks.yml\"\u003e\n    \u003cimg src=\"https://github.com/bacalhau-project/bacalhau/actions/workflows/pr-checks.yml/badge.svg\" alt=\"PR Checks Workflow\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n## What is Bacalhau?\n\n[Bacalhau](https://www.bacalhau.org/) is an open-source distributed compute orchestration framework designed to bring compute to the data. Instead of moving large datasets around networks, Bacalhau makes it easy to execute jobs close to the data's location, drastically reducing latency and resource overhead.\n\n## Why Bacalhau?\n\n- ⚡ **Fast job processing**: Jobs in Bacalhau are processed where the data was created and all jobs are parallel by default\n- 💰 **Low cost**: Reduce (or eliminate) ingress/egress costs since jobs are processed closer to the source\n- 🔒 **Secure**: Data scrubbing and security can happen before migration, with a granular, code-based permission model\n- 🚛 **Large-scale data**: Process petabytes of data efficiently without massive data transfers\n- 🏢 **Data sovereignty**: Process sensitive data within security boundaries without requiring it to leave your premises\n- 🤝 **Cross-organizational computation**: Allow specific vetted computations on protected datasets without exposing raw data\n\n## Key Features\n\n1. **Single Binary Simplicity**: Bacalhau is a single self-contained binary that functions as a client, orchestrator, and compute node—making it incredibly easy to set up and scale\n   \n2. **Modular Architecture**: Support for multiple execution engines (Docker, WebAssembly) and storage providers through clean interfaces\n\n3. **Orchestrator-Compute Model**: A dedicated orchestrator coordinates job scheduling, while compute nodes run tasks\n\n4. **Flexible Storage Integrations**: Integrates with S3, HTTP/HTTPS, IPFS, and local storage systems\n\n5. **Multiple Job Types**: Support for batch, ops, daemon, and service job types for different workflow requirements\n\n6. **Declarative \u0026 Imperative Submissions**: Define jobs in YAML (declarative) or pass arguments via CLI (imperative)\n\n7. **Publisher Support**: Output results to local volumes, S3, or other storage backends\n\n## Getting Started\n\n### Quick Installation\n\n```bash \n# Install Bacalhau CLI (Linux/macOS)\ncurl -sL https://get.bacalhau.org/install.sh | bash\n\n# Verify installation\nbacalhau version\n```\n\nFor the complete quick start guide, including running your first job, see our [Quick Start Documentation](https://docs.bacalhau.org/getting-started/quick-start).\n\n## Use Cases\n\nBacalhau's distributed compute framework enables a wide range of applications:\n\n- **Log Processing**: Process logs efficiently at scale by running distributed jobs directly at the source\n- **Distributed Data Warehousing**: Query and analyze data across multiple regions without moving large datasets\n- **Fleet Management**: Efficiently manage distributed nodes across multiple environments\n- **Distributed Machine Learning**: Train and deploy ML models across a distributed compute fleet\n- **Edge Computing**: Run compute tasks closer to the data source for applications requiring low latency\n\n## Documentation\n\n📚 [Read the Bacalhau docs guide here](https://docs.bacalhau.org/)! 📚\n\nThe Bacalhau documentation contains all the information you need to get started:\n\n- [Installation Tutorial](https://docs.bacalhau.org/getting-started/installation)\n- [Basic Usage](https://docs.bacalhau.org/getting-started/cli)\n- [Common Workflows](https://docs.bacalhau.org/common-workflows)\n\n## Community \u0026 Contributing\n\nBacalhau has a very friendly community, and we are always happy to help:\n\n- [Join the Slack Community](https://join.slack.com/t/bacalhauproject/shared_invite/zt-1sihp4vxf-TjkbXz6JRQpg2AhetPzYYQ) and go to the `#general` channel - it is the easiest way to engage with other members in the community and get help\n\nIf you are interested in contributing to the Bacalhau project:\n\n- Set up your [local environment](docs/dev/local-env.md)\n- Check out our [Contributing Guide](https://docs.bacalhau.org/community/community/ways-to-contribute)\n- For issues and feature requests, please [open a GitHub issue](https://github.com/bacalhau-project/bacalhau/issues)\n\nWe are excited to hear your feedback!\n\n## Open Source\n\nThis repository contains the Bacalhau software, covered under the [Apache-2.0](./LICENSE) license, except where noted (any Bacalhau logos or trademarks are not covered under the Apache License, and should be explicitly noted by a LICENSE file.)\n\nBacalhau is a product produced from this open source software, exclusively by Expanso, Inc. It is distributed under our commercial terms.\n\nOthers are allowed to make their own distribution of the software, but they cannot use any of the Bacalhau trademarks, cloud services, etc.\n\nWe explicitly grant permission for you to make a build that includes our trademarks while developing Bacalhau software itself. You may not publish or share the build, and you may not use that build to run Bacalhau software for any other purpose.\n\nWe have borrowed the above Open Source clause from the excellent [System Initiative](https://github.com/systeminit/si/blob/main/CONTRIBUTING.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbacalhau-project%2Fbacalhau","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbacalhau-project%2Fbacalhau","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbacalhau-project%2Fbacalhau/lists"}