{"id":13496221,"url":"https://github.com/cncf/xds","last_synced_at":"2025-10-23T22:57:32.113Z","repository":{"id":37807785,"uuid":"314298379","full_name":"cncf/xds","owner":"cncf","description":"xDS API Working Group","archived":false,"fork":false,"pushed_at":"2025-10-14T12:38:36.000Z","size":457,"stargazers_count":245,"open_issues_count":24,"forks_count":78,"subscribers_count":20,"default_branch":"main","last_synced_at":"2025-10-19T00:48:07.974Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Starlark","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cncf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-11-19T16:01:59.000Z","updated_at":"2025-10-16T15:24:38.000Z","dependencies_parsed_at":"2024-01-13T17:47:55.868Z","dependency_job_id":"2fbfe45d-45e1-4ed8-91e1-f07c683f5cff","html_url":"https://github.com/cncf/xds","commit_stats":{"total_commits":51,"total_committers":20,"mean_commits":2.55,"dds":0.8431372549019608,"last_synced_commit":"b4127c9b8d78b77423fd25169f05b7476b6ea932"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/cncf/xds","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cncf%2Fxds","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cncf%2Fxds/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cncf%2Fxds/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cncf%2Fxds/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cncf","download_url":"https://codeload.github.com/cncf/xds/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cncf%2Fxds/sbom","scorecard":{"id":294580,"data":{"date":"2025-08-11","repo":{"name":"github.com/cncf/xds","commit":"2ac532fd44436293585084f8d94c6bdb17835af0"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.2,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: python/dist/xds-0.1.0-py3-none-any.whl:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T19:09:04.113Z","repository_id":37807785,"created_at":"2025-08-17T19:09:04.113Z","updated_at":"2025-08-17T19:09:04.113Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":280563530,"owners_count":26351731,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-23T02:00:06.710Z","response_time":142,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T19:01:44.096Z","updated_at":"2025-10-23T22:57:32.096Z","avatar_url":"https://github.com/cncf.png","language":"Starlark","funding_links":[],"categories":["Starlark"],"sub_categories":[],"readme":"# xDS API Working Group (xDS-WG)\n\n# Goal\n\nThe objective of the xDS API Working Group (xDS-WG) is to bring together parties\nacross the industry interested in a common control and configuration API for\ndata plane proxies and load balancers, based on the xDS APIs.\n\n# Vision\n\nThe xDS vision is one of a universal data plane API, articulated at\n[https://blog.envoyproxy.io/the-universal-data-plane-api-d15cec7a](https://blog.envoyproxy.io/the-universal-data-plane-api-d15cec7a).\nxDS aims to provide a set of APIs that provide the de facto standard for L4/L7\ndata plane configuration, similar to the role played by OpenFlow at L2/L3/L4 in\nSDN.\n\nThe [existing Envoy xDS\nAPIs](https://github.com/envoyproxy/envoy/tree/main/api) constitute the basis\nfor this vision and will incrementally evolve towards supporting a goal of\nclient neutrality. We will evolve the xDS APIs to support additional clients,\nfor example data plane proxies beyond Envoy, proxyless service mesh libraries,\nhardware load balancers, mobile clients and beyond. We will strive to be vendor\nand implementation agnostic to the degree possible while not regressing on\nsupport for data plane components that have committed to xDS in production\n(Envoy \u0026 gRPC to date).\n\nThe xDS APIs have two delineated aspects, a transport protocol and data model,\nThe xDS transport protocol provides a low latency versioned streaming gRPC\ndelivery of xDS resources. The data model covers common data plane concerns such\nas service discovery, load balancing assignments, routing discovery, listener\nconfiguration, secret discovery, load reporting, health check delegation, etc.\n\n# Repository structure\n\nThe xDS APIs are split between this repository and\nhttps://github.com/envoyproxy/envoy/tree/main/api. Our long-term goal is to\nmove the entire API to this repository, this will be done opportunistically over\ntime as we generalize parts of the API to be less client-specific.\n\n# Mailing list and meetings\n\nWe have an open mailing list [xds-wg@lists.cncf.io](https://lists.cncf.io/g/xds-wg/) for communication and announcements. We also meet\non an ad hoc basis via Zoom.\n\nTo monitor activity, you can either subscribe to a GitHub watch on this repository or join the [@cncf/xds-wg](https://github.com/orgs/cncf/teams/xds-wg) team for\ntagging on key PRs and RFCs.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcncf%2Fxds","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcncf%2Fxds","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcncf%2Fxds/lists"}