{"id":13435038,"url":"https://github.com/cockpit-project/cockpit","last_synced_at":"2026-04-14T09:01:05.055Z","repository":{"id":11562414,"uuid":"14049216","full_name":"cockpit-project/cockpit","owner":"cockpit-project","description":"Cockpit is a web-based graphical interface for servers.","archived":false,"fork":false,"pushed_at":"2026-04-13T03:14:00.000Z","size":258939,"stargazers_count":13872,"open_issues_count":464,"forks_count":1265,"subscribers_count":185,"default_branch":"main","last_synced_at":"2026-04-13T05:12:07.732Z","etag":null,"topics":["cockpit","javascript","linux-servers"],"latest_commit_sha":null,"homepage":"http://www.cockpit-project.org/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cockpit-project.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSES/BSD-3-Clause.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-11-01T17:36:46.000Z","updated_at":"2026-04-12T15:01:31.000Z","dependencies_parsed_at":"2024-03-18T08:25:18.939Z","dependency_job_id":"abcfe1f8-6794-4bad-b264-de89f57bfd0c","html_url":"https://github.com/cockpit-project/cockpit","commit_stats":null,"previous_names":[],"tags_count":440,"template":false,"template_full_name":null,"purl":"pkg:github/cockpit-project/cockpit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cockpit-project%2Fcockpit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cockpit-project%2Fcockpit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cockpit-project%2Fcockpit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cockpit-project%2Fcockpit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cockpit-project","download_url":"https://codeload.github.com/cockpit-project/cockpit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cockpit-project%2Fcockpit/sbom","scorecard":{"id":235058,"data":{"date":"2025-08-11","repo":{"name":"github.com/cockpit-project/cockpit","commit":"b280acc694b9a1becd9a7aef8e3a73afc85f124e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.3,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: script injection with untrusted input ' github.head_ref ': .github/workflows/dependabot.yml:84","Warn: untrusted code checkout '${{ github.event.pull_request.head.ref }}': .github/workflows/dependabot.yml:17"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: found token with 'none' permissions: .github/workflows/build-ws-container.yml:1","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:14","Info: jobLevel 'contents' permission set to 'read': .github/workflows/dependabot.yml:10","Warn: jobLevel 'security-events' permission set to 'write': .github/workflows/differential-shellcheck.yml:19","Info: found token with 'none' permissions: .github/workflows/docker-mirors.yml:1","Info: found token with 'none' permissions: .github/workflows/flatpak-test.yml:1","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/nightly.yml:10","Info: found token with 'none' permissions: .github/workflows/release.yml:1","Info: found token with 'none' permissions: .github/workflows/release.yml:1","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:14","Info: found token with 'none' permissions: .github/workflows/release.yml:1","Info: jobLevel 'contents' permission set to 'read': .github/workflows/reposchutz.yml:11","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/tasks-container-update.yml:12","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/tasks-container-update.yml:14","Info: found token with 'none' permissions: .github/workflows/tox.yaml:1","Info: jobLevel 'contents' permission set to 'read': .github/workflows/trigger-anaconda.yml:20","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/trigger-anaconda.yml:21","Info: found token with 'none' permissions: .github/workflows/unit-tests.yml:1","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/weblate-sync-po.yml:15","Info: found token with 'none' permissions: .github/workflows/weblate-sync-pot.yml:1","Warn: no topLevel permission defined: .github/workflows/build-ws-container.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/dependabot.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/differential-shellcheck.yml:12","Warn: no topLevel permission defined: .github/workflows/docker-mirors.yml:1","Warn: no topLevel permission defined: .github/workflows/flatpak-test.yml:1","Warn: no topLevel permission defined: .github/workflows/nightly.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/reposchutz.yml:1","Warn: no topLevel permission defined: .github/workflows/tasks-container-update.yml:1","Warn: no topLevel permission defined: .github/workflows/tox.yaml:1","Warn: no topLevel permission defined: .github/workflows/trigger-anaconda.yml:1","Warn: no topLevel permission defined: .github/workflows/unit-tests.yml:1","Warn: no topLevel permission defined: .github/workflows/urls-check.yml:1","Warn: no topLevel permission defined: .github/workflows/weblate-sync-po.yml:1","Warn: no topLevel permission defined: .github/workflows/weblate-sync-pot.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING:0","Info: FSF or OSI recognized license: GNU Lesser General Public License v2.1: COPYING:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 344 not signed: https://api.github.com/repos/cockpit-project/cockpit/releases/237967483","Warn: release artifact 334.2 not signed: https://api.github.com/repos/cockpit-project/cockpit/releases/237844186","Warn: release artifact 343 not signed: https://api.github.com/repos/cockpit-project/cockpit/releases/234525523","Warn: release artifact 342 not signed: https://api.github.com/repos/cockpit-project/cockpit/releases/231074502","Warn: release artifact 310.5 not signed: https://api.github.com/repos/cockpit-project/cockpit/releases/229747941","Warn: release artifact 344 does not have provenance: https://api.github.com/repos/cockpit-project/cockpit/releases/237967483","Warn: release artifact 334.2 does not have provenance: https://api.github.com/repos/cockpit-project/cockpit/releases/237844186","Warn: release artifact 343 does not have provenance: https://api.github.com/repos/cockpit-project/cockpit/releases/234525523","Warn: release artifact 342 does not have provenance: https://api.github.com/repos/cockpit-project/cockpit/releases/231074502","Warn: release artifact 310.5 does not have provenance: https://api.github.com/repos/cockpit-project/cockpit/releases/229747941"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/cockpit-project/.github/SECURITY.md:1","Info: Found linked content: github.com/cockpit-project/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/cockpit-project/.github/SECURITY.md:1","Info: Found text in security policy: github.com/cockpit-project/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ws-container.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/build-ws-container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ws-container.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/build-ws-container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ws-container.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/build-ws-container.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/dependabot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/dependabot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/dependabot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/differential-shellcheck.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/differential-shellcheck.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/differential-shellcheck.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/differential-shellcheck.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flatpak-test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/flatpak-test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/nightly.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reposchutz.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/reposchutz.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reposchutz.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/reposchutz.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tasks-container-update.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/tasks-container-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tox.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/tox.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/urls-check.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/urls-check.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weblate-sync-po.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/weblate-sync-po.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weblate-sync-po.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/weblate-sync-po.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weblate-sync-pot.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/weblate-sync-pot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weblate-sync-pot.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/cockpit-project/cockpit/weblate-sync-pot.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: test/common/pixel-tests:99","Warn: downloadThenRun not pinned by hash: test/common/pixel-tests:110","Info:   0 out of  26 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T05:30:18.515Z","repository_id":11562414,"created_at":"2025-08-17T05:30:18.516Z","updated_at":"2025-08-17T05:30:18.516Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31789207,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T02:24:21.117Z","status":"ssl_error","status_checked_at":"2026-04-14T02:24:20.627Z","response_time":153,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cockpit","javascript","linux-servers"],"created_at":"2024-07-31T03:00:31.120Z","updated_at":"2026-04-14T09:01:04.991Z","avatar_url":"https://github.com/cockpit-project.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","C","HarmonyOS","Uncategorized","Interfaces","javascript","运维管理平台","Gaming","Apps","Table of Contents"],"sub_categories":["Windows Manager","Uncategorized","Jenkins","Server Management :penguin:","InfraManagement","Dashboard"],"readme":"# Cockpit\n**A sysadmin login session in a web browser**\n\n[cockpit-project.org](https://cockpit-project.org/)\n\nCockpit is an interactive server admin interface. It is easy to use and very lightweight.\nCockpit interacts directly with the operating system from a real Linux session in a browser.\n\n### Using Cockpit\n\nYou can [install Cockpit](https://cockpit-project.org/running.html) on many Linux operating\nsystems including Debian, Fedora and RHEL.\n\nCockpit makes Linux discoverable, allowing sysadmins to easily perform tasks such as starting\ncontainers, storage administration, network configuration, inspecting logs and so on.\n\nJumping between the terminal and the web tool is no problem. A service started via Cockpit\ncan be stopped via the terminal. Likewise, if an error occurs in the terminal, it can be seen\nin the Cockpit journal interface.\n\nYou can also easily add other machines that have Cockpit installed and are accessible via SSH and jump\nbetween these hosts.\n\n### Development\n\n * [Making changes to Cockpit](HACKING.md)\n * [How to contribute, developer documentation](https://github.com/cockpit-project/cockpit/wiki/Contributing)\n * Matrix Channel: [#cockpit:fedoraproject.org](https://matrix.to/#/#cockpit:fedoraproject.org)\n * [Mailing List](https://lists.fedorahosted.org/admin/lists/cockpit-devel.lists.fedorahosted.org/)\n * [Guiding Principles](https://cockpit-project.org/ideals.html)\n * [Release Notes](https://cockpit-project.org/blog/category/release.html)\n * [Privacy Policy](https://cockpit-project.org/privacy.html)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcockpit-project%2Fcockpit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcockpit-project%2Fcockpit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcockpit-project%2Fcockpit/lists"}