{"id":13432187,"url":"https://github.com/cloudscribe/cloudscribe","last_synced_at":"2026-02-23T06:01:49.707Z","repository":{"id":20945498,"uuid":"24233934","full_name":"cloudscribe/cloudscribe","owner":"cloudscribe","description":"ASP.NET Core multi-tenant web application foundation with management for sites, users, roles, claims and more ","archived":false,"fork":false,"pushed_at":"2026-02-16T13:14:17.000Z","size":30882,"stargazers_count":1372,"open_issues_count":62,"forks_count":287,"subscribers_count":104,"default_branch":"develop","last_synced_at":"2026-02-19T07:39:57.608Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudscribe.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"License.txt","code_of_conduct":"code_of_conduct.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-09-19T15:00:15.000Z","updated_at":"2026-02-16T13:14:22.000Z","dependencies_parsed_at":"2023-01-13T21:30:46.897Z","dependency_job_id":"3f652784-daf1-4b1b-8563-f1b48268af7d","html_url":"https://github.com/cloudscribe/cloudscribe","commit_stats":{"total_commits":1629,"total_committers":19,"mean_commits":85.73684210526316,"dds":0.429097605893186,"last_synced_commit":"7578476a08c505a0c7df2b857d3b9b2fe1073811"},"previous_names":["joeaudette/cloudscribe"],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/cloudscribe/cloudscribe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudscribe%2Fcloudscribe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudscribe%2Fcloudscribe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudscribe%2Fcloudscribe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudscribe%2Fcloudscribe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudscribe","download_url":"https://codeload.github.com/cloudscribe/cloudscribe/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudscribe%2Fcloudscribe/sbom","scorecard":{"id":4892,"data":{"date":"2025-08-11","repo":{"name":"github.com/cloudscribe/cloudscribe","commit":"b693a01dc59ab1d46d1b5703bce989a90c6c4079"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/11 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/cloudscribe-develop.yml:1","Warn: no topLevel permission defined: .github/workflows/cloudscribe-master.yml:1","Warn: no topLevel permission defined: .github/workflows/nuget-push-to-production.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: License.txt:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'develop'","Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/cloudscribe-develop.yml:12"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudscribe-develop.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/cloudscribe-develop.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudscribe-develop.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/cloudscribe-develop.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cloudscribe-develop.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/cloudscribe-develop.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudscribe-master.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/cloudscribe-master.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudscribe-master.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/cloudscribe-master.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nuget-push-to-production.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/nuget-push-to-production.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nuget-push-to-production.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/cloudscribe/cloudscribe/nuget-push-to-production.yml/develop?enable=pin","Warn: nugetCommand not pinned by hash: .github/workflows/cloudscribe-develop.yml:26: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)","Warn: nugetCommand not pinned by hash: .github/workflows/cloudscribe-master.yml:27: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)","Warn: nugetCommand not pinned by hash: .github/workflows/nuget-push-to-production.yml:25: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   3 nugetCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-wxhq-pm8v-cw75","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T13:20:50.159Z","repository_id":20945498,"created_at":"2025-08-14T13:20:50.159Z","updated_at":"2025-08-14T13:20:50.159Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29738513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-23T04:51:08.365Z","status":"ssl_error","status_checked_at":"2026-02-23T04:49:15.865Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T02:01:09.265Z","updated_at":"2026-02-23T06:01:49.638Z","avatar_url":"https://github.com/cloudscribe.png","language":"C#","funding_links":[],"categories":["Sample Projects","例子","Sample \u0026 Reference Applications"],"sub_categories":["Workflow","工作流"],"readme":"# cloudscribe\n\ncloudscribe is a related set of projects and components for building cross platform web applications on ASP.NET Core. Get the big picture at [cloudscribe.com](https://www.cloudscribe.com/docs/introduction)\n\nThe foundational set of projects in this repository, known as cloudscibe Core, provides support for single tenant or multi tenant management of sites, users, and roles. The other main cloudscribe project is [cloudscribe SimpleContent](https://www.cloudscribe.com/docs/cloudscribe-simplecontent). There are a lot of smaller useful libraries as well, you can find the [full list of projects here](https://www.cloudscribe.com/docs/complete-list-of-cloudscribe-libraries).\n\nIf you have questions please visit our community forums https://www.cloudscribe.com/forum.\n\n### Build Status\n\n\u003c!--\n| Windows  | Linux |\n| ------------- | ------------- |\n| [![Build status](https://ci.appveyor.com/api/projects/status/jt9c0022x3odacar/branch/master?svg=true)](https://ci.appveyor.com/project/joeaudette/cloudscribe/branch/master)  | [![Build Status](https://travis-ci.org/cloudscribe/cloudscribe.svg?branch=master)](https://travis-ci.org/cloudscribe/cloudscribe)  |\n\n[![Twitter URL](https://img.shields.io/twitter/url/http/shields.io.svg?style=social)](https://twitter.com/cloudscribeweb) [![Twitter Follow](https://img.shields.io/twitter/follow/cloudscribeweb.svg?style=social\u0026label=Follow)](https://twitter.com/cloudscribeweb)\n--\u003e\n\n\n\u003c!-- Making badges prettier: --\u003e\n[![CS Build Devel](https://img.shields.io/github/actions/workflow/status/cloudscribe/cloudscribe/cloudscribe-develop.yml?branch=develop\u0026event=push\u0026style=for-the-badge\u0026label=🚀%20Develop%20Branch)](https://github.com/cloudscribe/cloudscribe/actions/workflows/cloudscribe-develop.yml)\n\n[![SimpleContent Build Master](https://img.shields.io/github/actions/workflow/status/cloudscribe/cloudscribe/cloudscribe-master.yml?branch=master\u0026event=push\u0026style=for-the-badge\u0026label=🚀%20Main%20Branch)](https://github.com/cloudscribe/cloudscribe/actions/workflows/cloudscribe-master.yml)\n\n\n#### Why Start From Scratch?\n\nEvery web application or website project tends to need a certain amount of basic functionality, why build this over and over?\n\nIf you start a new web application project in Visual Studio using the standard project templates, what you get is just a basic implementation for user accounts via ASP.NET Identity. Those templates don't provide you any method for creating administrative users or creating roles or managing users and user role membership. You would typically have to implement that stuff yourself, and if you are like me, you don't want to have to implement that stuff again and again on every project. cloudscribe.Core aims to provide that for you with careful, well thought out implementations that adhere to [OWASP web security guidelines](https://www.owasp.org/index.php/Main_Page).\n\nTo get started building your own features and applications with cloudscribe, [please see our Introduction](https://www.cloudscribe.com/docs/introduction) to learn about our project template for Visual Studio or the .NET Core CLI\n\n#### Documentation\n\n[See the full documentation at cloudscribe.com](https://www.cloudscribe.com/docs) (work in progress)\n\n[Introduction](https://www.cloudscribe.com/docs/introduction) - get the big picture and learn how to start new projects using our project template for Visual Studio or the .NET Core CLI\n\n##### What Is Included?:\n\n* Login and registration, with support for social authentication configured from the UI. With options for recaptcha on the login and registration pages\n* Support for extra content on the login page\n* Support for extra content and a terms of use section on the registration page. If you populate the terms of use then users will be required to check a box indicating that they accept the terms in order to register and login. Also if you change the terms later you can optionally force all users to re-accept the changed terms.\n* User Management (optionally [multi-tenant](https://www.cloudscribe.com/docs/multi-tenant-support) user management) you can create and manage user accounts, create and manage roles and user role membership, and add custom claims to users all from the UI. You can optionally disable self serve user registration so that only users that you add are allowed. \n* If you change a user's role membership, the role cookie will be updated automatically so the changes are effective right away.\n* If you lock a user account or delete a user, the user will be signed out automatically.\n* [A theme system that supports both shared themes and per tenant themes](https://www.cloudscribe.com/docs/themes-and-web-design). You can set the theme from a dropdown list in Administration \u003e Site Settings, and the starter kits have a bunch of bootstrap themes included, and you can also make your own themes.\n* Support for \"Site is Closed\" - you can set a site as closed and users will not be able to navigate any pages in the site, they will only see the message you provide on the closed page. Users can still login but only members of the Administrators or Content Administrators roles will be allowed to navigate the site, all other users will be redirected to the closed message.\n* You can optionally require a confirmed email address for users if you add SMTP settings for email. A confirmation email will be sent to the user and the user will not be able to login until they click the link to confirm their email address.\n* You can optionally require approval of new accounts before a user can login, and you can get notification when new users register so you can decide whether to approve the account. There is a separate page to make it easy to find users who have not yet been approved or who have not yet confirmed their email address.\n* If you setup social authentication, you can optionally make social authentication the only allowed way to sign in.\n* You can configure SMS settings for Twilio, and then users can enable 2 factor authentication using their phone.\n* There is a company information section where you can define company name, address, email etc, and then you could show that information in the footer for example by customizing the layout. SiteContext is already injected into the layout and the company information are just properties on that so you can wrap your own markup around whichever of those properties you want to show.\n* Integration with [IdentityServer4](https://github.com/IdentityServer/IdentityServer4) providing management of users, clients and scopes. This brings us support for [Jwt](https://jwt.io/) as an alternative to cookie authentication so we can more readily support SPA (Single Page Application) style web apps as well as authentication from mobile devices.\n* [Optional LDAP Authentication support](https://www.cloudscribe.com/using-ldap-authentication)\n* [Localization Support](https://www.cloudscribe.com/docs/localization)\n* For data access, supports Entity Framework Core with either SQLite, MSSQL, MySql, or PostgreSql. [NoDb](https://github.com/joeaudette/NoDb) file system storage is also supported for small sites or proptypes.\n* Data and IO operations are async all the way down\n* This project aims to follow the [OWASP](https://www.owasp.org/index.php/Main_Page) Guidelines for best practices in security\n\n##### Need Content? \n\nTake a look at [cloudscribe.SimpleContent](https://github.com/joeaudette/cloudscribe.SimpleContent), a simple yet flexible content and blogging engine that works with cloudscribe Core.\n\n##### Planned Features:\n* Implement options for Security Questions and Answers [per OWASP guidelines](https://www.owasp.org/index.php/Forgot_Password_Cheat_Sheet)\n* Implement tracking of password hash history to support scenarios where re-using old passwords is not allowed\n* MongoDB Support - we are interested in trying to implement the data repositories with MongoDB and would welcome help with that. \n* Lots of miscellaneous smaller stuff\n\n##### Screenshots\n\n![administration menu screen shot](https://github.com/joeaudette/cloudscribe/raw/master/screenshots/admin-menu.png)\n\n##### Keep In Touch\n\nWe are collecting email addresses for a potential newsletter in the future, depending on whether this project becomes popular. If you would like to subscribe to this possible future newsletter, please send an email to subscribe [at] cloudscribe.com with the subject line \"subscribe\"\n\nIf you are interested in consulting or other support services related to cloudscribe, please send an email to info [at] cloudscribe.com.\n\nWe're also on twitter at @cloudscribeweb\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudscribe%2Fcloudscribe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudscribe%2Fcloudscribe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudscribe%2Fcloudscribe/lists"}