{"id":41847110,"url":"https://github.com/camel-lab/muddler","last_synced_at":"2026-01-25T10:03:13.938Z","repository":{"id":57443862,"uuid":"288376182","full_name":"CAMeL-Lab/muddler","owner":"CAMeL-Lab","description":"The Muddler derived-file sharing utility.","archived":false,"fork":false,"pushed_at":"2023-02-17T12:09:49.000Z","size":26,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-09T22:06:09.207Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CAMeL-Lab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-08-18T06:40:00.000Z","updated_at":"2023-01-26T09:43:13.000Z","dependencies_parsed_at":"2025-09-09T20:33:34.865Z","dependency_job_id":"8c7ccefe-0da9-4a34-975a-84b4f58423e6","html_url":"https://github.com/CAMeL-Lab/muddler","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/CAMeL-Lab/muddler","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CAMeL-Lab%2Fmuddler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CAMeL-Lab%2Fmuddler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CAMeL-Lab%2Fmuddler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CAMeL-Lab%2Fmuddler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CAMeL-Lab","download_url":"https://codeload.github.com/CAMeL-Lab/muddler/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CAMeL-Lab%2Fmuddler/sbom","scorecard":{"id":25625,"data":{"date":"2025-08-11","repo":{"name":"github.com/CAMeL-Lab/muddler","commit":"f567423af4b40ce1cbeefea99025f1853252de08"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/10 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-14T17:48:14.929Z","repository_id":57443862,"created_at":"2025-08-14T17:48:14.930Z","updated_at":"2025-08-14T17:48:14.930Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28751072,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-25T09:58:17.166Z","status":"ssl_error","status_checked_at":"2026-01-25T09:55:56.104Z","response_time":113,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-25T10:03:10.719Z","updated_at":"2026-01-25T10:03:13.926Z","avatar_url":"https://github.com/CAMeL-Lab.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Muddler\n\n## About\n\nMuddler is a tool for sharing derived data.\n\nIt is sometimes necessary to share data publicly that has been derived from a\nnon-public source without sharing the source itself.\nMuddler solves this issue by \"subtracting\" the source data from the target\n(or derived) data, a process we call *muddling*.\nThis generates a *muddled package* that can be distributed publicly.\nIn order to retrieve the target data, users must first acquire the derived data\nthrough proper channels and can then *unmuddle* the *muddled package* through\nMuddler to generate the target data.\n\nThis is particularly useful when the derived data cannot be trivially\nreconstructd from the source data such as human annotated/modified data.\n\n**Please make sure that the source license permits creating derived work!**\n\n## Installation\n\nMuddler requires Python 3.6+ to install.\n\nTo install using pip, just run:\n\n```bash\npip install muddler\n```\n\n## Usage\n\n```text\nUsage: muddler muddle -s \u003cSRC_PATH\u003e -t \u003cTRG_PATH\u003e \u003cMUDDLED_PATH\u003e\n       muddler muddle -c \u003cCONFIG\u003e -s \u003cSRC_PATH\u003e -t \u003cTRG_PATH\u003e \u003cMUDDLED_PATH\u003e\n       muddler unmuddle -s \u003cSRC_FILE\u003e -m \u003cMUDDLED_PATH\u003e \u003cTARGET_OUT\u003e\n       muddler (-h | --help)\n       muddler (-v | --version)\n\nOptions:\n    -h, --help\n        Print help message.\n    -v, --version\n        Print muddler version\n    -c \u003cCONFIG\u003e\n        Path to muddler config file.\n    -s \u003cSRC_PATH\u003e\n        Path to source file or directory. When \u003cCONFIG\u003e is not specified in\n        muddle mode, SRC_PATH must point to a file and not a directory.\n    -t \u003cTRG_PATH\u003e\n        Path to target file or directory. When \u003cCONFIG\u003e is not specified in\n        muddle mode, TRG_PATH must point to a file and not a directory.\n    -m \u003cMUDDLED_PATH\u003e\n        Path to muddled package to be unmuddled.\n```\n\nMuddler runs two modes: muddle mode for generating muddled packages,\nand unmuddle mode to extract targets from a muddled file.\n\n### Muddle Mode\n\nThe simplest example for muddling is when both the source and the target are\nsingle files.\n\nFor example:\n\n```bash\nmuddler muddle -s /path/to/source_file -t /path/to/target_file /path/to/my_package.muddle\n```\n\nNote that the muddled package doesn't have to end with the *.muddle* extension.\n\nWhen at least one of either the source or target is a directory (ie the source\ndata is composed of multiple files), we must additionally pass a config file to\nmuddler.\n\nFor example:\n\n```bash\nmuddler muddle -c /path/to/config_file -s /path/to/source_dir -t /path/to/target_file /path/to/my_package.muddle\n```\n\nThe config file provides muddler with a mapping on which source file(s) where\nused to derive the target(s). See the [Config Format](#config-format) section\nfor more information.\n\n### Unmuddle Mode\n\nTo unmuddle a muddled package, one must first acquire the source files from\nwhich the muddled data is derived from. The acquired source file or directory\nmust be exactly the same both in directory structure, file names, and\nfile contents (byte for byte).\n\nOnce the source files have been acquired, the muddled package can be\nunmuddled by running:\n\n```bash\nmuddler unmuddle -s /path/to/source -m /path/to/my_package.muddle /path/to/target_output\n```\n\nThe generated target will either be a single file or a directory depending on\nthe target used for muddling.\n\n## Config Format\n\nBelow is a documented configuration file that structure in general:\n\n```text\n- This is a comment! All comments begin with '-' must be on their own individual lines.\n- Comments are ignored by muddler and are used for documentation and organizational purposes.\n    - Comments can be preceeded by whitespace as well.\n\n- The first section in a config file is a header that tells muddler what kind of source and\n- target to expect as well as which muddling algorithm to use.\n\n- The TARGET_TYPE and SOURCE_TYPE headers tell muddler whether to expect a file or directory\n- for target and source respectively. A value of 'file' indicates a single file, while 'dir'\n- indicates a directory.\n##TARGET_TYPE dir\n##SOURCE_TYPE dir\n\n- The algorithm version tells muddler what algorithm to use to create the muddled package.\n- At the moment only one algorithm ('1') is available but the field is required for backwards\n- compatibility when new algorithms are added.\n##ALGORITHM_VERSION 1\n\n\n- After specifying the header, we can start specifying targets and their respective sources.\n- For a 'dir' target, each target entry consists of a relative path within the target directory.\n- For example, if the absolut path to the target directory is '/home/username/target', then\n- the below target entry specifies source for the file at '/home/username/target/target_01.txt'.\n- Note that each target path MUST start with '/'.\n- All speaces after #TARGET and the first '/' character are ignored, but there needs\n- to be at least one.\n- Note that any whitespace at the end of a line is NOT IGNORED.\n- This is because valid filenames can include whitespace.\n#TARGET   /target_01.txt\n    - Each target must provide a list of sources used to derive it.\n    - This list has to be unique.\n    - Similar to targets, each source is a relative path to a file within the source directory.\n    - They must also start with a '/' character and proceeding whitespaces are NOT IGNORED.\n    - Preceeding whitespace is ignored though.\n    /source_01.txt\n    /source_02.txt\n\n- Both target and source paths can point to files in subdirectories.\n#TARGET   /sub/target_02.txt\n    /source_01.txt\n    /sub/source_03.txt\n\n- Each target entry must have a unique target path.\n- So adding the following entry would cause an error:\n#TARGET   /target_01.txt\n    /source_01.txt\n    /source_02.txt\n```\n\nAdditional rules apply when either target or source are single files.\n\nWhen target is a single file, the config file should include only one target entry where the\ntarget path is '/' as so:\n\n```text\n##TARGET_TYPE file\n##SOURCE_TYPE dir\n##ALGORITHM_VERSION 1\n\n#TARGET   /\n    /source_01.txt\n    /source_02.txt\n```\n\nIf source is a single file then target entries should not be followed by any source lines as so:\n\n```text\n##TARGET_TYPE dir\n##SOURCE_TYPE file\n##ALGORITHM_VERSION 1\n\n#TARGET   /target_01.txt\n#TARGET   /target_02.txt\n#TARGET   /sub/target_03.txt\n```\n\n## License\n\nMuddler is available under the MIT license.\nSee the [LICENSE](/LICENSE) file for more info.\n\n## Contributors\n\n- [Ossama Obeid](https://github.com/owo)\n- [Nizar Habash](https://github.com/nizarhabash1)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcamel-lab%2Fmuddler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcamel-lab%2Fmuddler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcamel-lab%2Fmuddler/lists"}