{"id":23229054,"url":"https://github.com/common-workflow-language/cwltest","last_synced_at":"2025-08-19T15:31:00.205Z","repository":{"id":10574931,"uuid":"66215187","full_name":"common-workflow-language/cwltest","owner":"common-workflow-language","description":"Framework for testing CWL tools and workflows","archived":false,"fork":false,"pushed_at":"2025-08-12T10:28:27.000Z","size":494,"stargazers_count":17,"open_issues_count":11,"forks_count":18,"subscribers_count":43,"default_branch":"main","last_synced_at":"2025-08-12T12:32:15.100Z","etag":null,"topics":["common-workflow-language","cwl"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/common-workflow-language.png","metadata":{"funding":{"custom":["https://www.commonwl.org/donate/","https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick\u0026hosted_button_id=Z55VS5LBBSZTJ"]},"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-08-21T18:52:58.000Z","updated_at":"2025-08-12T10:28:29.000Z","dependencies_parsed_at":"2023-01-13T16:01:24.003Z","dependency_job_id":"8629c404-7c93-4fb7-93ae-40607b3263e9","html_url":"https://github.com/common-workflow-language/cwltest","commit_stats":{"total_commits":224,"total_committers":26,"mean_commits":8.615384615384615,"dds":0.7544642857142857,"last_synced_commit":"821f4e91a0a2a6fe8f2152ac457932759912b450"},"previous_names":[],"tags_count":43,"template":false,"template_full_name":null,"purl":"pkg:github/common-workflow-language/cwltest","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/common-workflow-language%2Fcwltest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/common-workflow-language%2Fcwltest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/common-workflow-language%2Fcwltest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/common-workflow-language%2Fcwltest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/common-workflow-language","download_url":"https://codeload.github.com/common-workflow-language/cwltest/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/common-workflow-language%2Fcwltest/sbom","scorecard":{"id":300984,"data":{"date":"2025-08-11","repo":{"name":"github.com/common-workflow-language/cwltest","commit":"cd7aca113072fad83cc1eb391addb552f90b2a7e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Maintained","score":6,"reason":"8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":4,"reason":"Found 2/5 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci-tests.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-tests.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/ci-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/common-workflow-language/cwltest/codeql-analysis.yml/main?enable=pin","Warn: pipCommand not pinned by hash: release-test.sh:36","Warn: pipCommand not pinned by hash: release-test.sh:37","Warn: pipCommand not pinned by hash: release-test.sh:38","Warn: pipCommand not pinned by hash: release-test.sh:61","Warn: pipCommand not pinned by hash: release-test.sh:62","Warn: pipCommand not pinned by hash: release-test.sh:64","Warn: pipCommand not pinned by hash: release-test.sh:66","Warn: pipCommand not pinned by hash: release-test.sh:84","Warn: pipCommand not pinned by hash: release-test.sh:85","Warn: pipCommand not pinned by hash: release-test.sh:87","Warn: pipCommand not pinned by hash: release-test.sh:88","Warn: pipCommand not pinned by hash: release-test.sh:94","Warn: pipCommand not pinned by hash: release-test.sh:110","Warn: pipCommand not pinned by hash: release-test.sh:111","Warn: pipCommand not pinned by hash: release-test.sh:112","Warn: pipCommand not pinned by hash: release-test.sh:113","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:50","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:51","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:100","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:101","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:130","Warn: pipCommand not pinned by hash: .github/workflows/ci-tests.yml:131","Info:   0 out of  10 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of  22 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/common-workflow-language/.github/SECURITY.md:1","Info: Found linked content: github.com/common-workflow-language/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/common-workflow-language/.github/SECURITY.md:1","Info: Found text in security policy: github.com/common-workflow-language/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2022-43017 / GHSA-qwmp-2cf2-g9g6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 21 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T20:37:01.549Z","repository_id":10574931,"created_at":"2025-08-17T20:37:01.549Z","updated_at":"2025-08-17T20:37:01.549Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270932638,"owners_count":24670246,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-17T02:00:09.016Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["common-workflow-language","cwl"],"created_at":"2024-12-19T01:16:21.298Z","updated_at":"2025-08-19T15:31:00.196Z","avatar_url":"https://github.com/common-workflow-language.png","language":"Python","funding_links":["https://www.commonwl.org/donate/","https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick\u0026hosted_button_id=Z55VS5LBBSZTJ"],"categories":[],"sub_categories":[],"readme":"##########################################\nCommon Workflow Language testing framework\n##########################################\n\n|Linux Build Status| |Code coverage|\n\nPyPI: |PyPI Version| |PyPI Downloads Month| |Total PyPI Downloads|\n\nConda: |Conda Version| |Conda Installs|\n\n.. |Linux Build Status| image:: https://github.com/common-workflow-language/cwltest/actions/workflows/ci-tests.yml/badge.svg?branch=main\n   :target: https://github.com/common-workflow-language/cwltest/actions/workflows/ci-tests.yml\n.. |Code coverage| image:: https://codecov.io/gh/common-workflow-language/cwltest/branch/master/graph/badge.svg\n   :target: https://codecov.io/gh/common-workflow-language/cwltest\n\n.. |PyPI Version| image:: https://badge.fury.io/py/cwltest.svg\n   :target: https://badge.fury.io/py/cwltest\n\n.. |PyPI Downloads Month| image:: https://pepy.tech/badge/cwltest/month\n   :target: https://pepy.tech/project/cwltest\n\n.. |Total PyPI Downloads| image:: https://static.pepy.tech/personalized-badge/cwltest?period=total\u0026units=international_system\u0026left_color=black\u0026right_color=orange\u0026left_text=Total%20PyPI%20Downloads\n   :target: https://pepy.tech/project/cwltest\n\n.. |Conda Version| image:: https://anaconda.org/bioconda/cwltest/badges/version.svg\n   :target: https://anaconda.org/bioconda/cwltest\n\n.. |Conda Installs| image:: https://anaconda.org/bioconda/cwltest/badges/downloads.svg\n   :target: https://anaconda.org/bioconda/cwltest\n\nThis is a testing tool for checking the output of Tools and Workflows described\nwith the Common Workflow Language.  Among other uses, it is used to run the CWL\nconformance tests.\n\nThis is written and tested for Python 3.9, 3.10, 3.11, 3.12, 3.13, and 3.14\n\n.. contents:: Table of Contents\n   :local:\n\n*******\nInstall\n*******\n\nInstalling the official package from PyPi\n\n.. code:: bash\n\n  pip install cwltest\n\nOr from bioconda\n\n.. code:: bash\n\n  conda install -c bioconda cwltest\n\nOr from source\n\n.. code:: bash\n\n  git clone https://github.com/common-workflow-language/cwltest.git\n  cd cwltest \u0026\u0026 pip install  .\n\n***********************\nRun on the command line\n***********************\n\nSimple command::\n\n  cwltest --test test-descriptions.yml --tool cwl-runner\n\n*****************************************\nGenerate conformance badges using cwltest\n*****************************************\n\nTo make badges that show the results of the conformance test,\nyou can generate JSON files for https://badgen.net by using --badgedir option\n\nTo generate JSON files::\n\n  cwltest --test test-descriptions.yml --tool cwl-runner --badgedir badges\n  ...\n  $ cat badges/command_line_tool.json | jq .\n  {\n    \"subject\": \"command_line_tool\",\n    \"status\": \"100%\",\n    \"color\": \"green\"\n  }\n\nOnce you upload JSON file to a server, you make a badge by using a link like https://badgen.net/https/path/to/generated/json or https://flat.badgen.net/https/path/to/generated/json (for flat badges).\n\nHere is an example of markdown to add a badge::\n\n  ![test result](https://flat.badgen.net/https/path/to/generated/json?icon=commonwl)\n\n*************************\nCustom file access module\n*************************\n\nIf your CWL implementation does not write output files to a local file\nsystem location but instead to some other remote storage system, you\ncan provide an alternate implementation of the *StdFsAccess* object\nthat is able to access your storage system.\n\nStep 1:\n\nImplement your own class with the same public interface of the\n*StdFsAccess* object in *cwltest/stdfsaccess.py* (as of this writing,\nthe methods are *open*, *size*, *isfile* and *isdir*).  These methods\nshould expect to be called with URIs from the *location* field of the\noutputs of test cases.\n\nDefine a function that, when called, returns a new instance of your object.\n\nStep 2:\n\nCreate a Python package containing your class (or add it to an\nexisting one).\n\nIn the package metadata, add an entry point that declares the module\n(in this example, *my_cwl_runner.fsaccess*) containing the function\n(in this example, *get_fsaccess*) that *cwltest* will invoke to get an\nobject implementing the *StdFsAccess* interface.\n\nIn *setup.py* this looks like:\n\n.. code:: python\n\n  setup(\n    ...\n    entry_points={\"cwltest.fsaccess\": [\"fsaccess=my_cwl_runner.fsaccess:get_fsaccess\"]}},\n    ...\n  )\n\nIn *pyproject.toml* it looks like:\n\n.. code::\n\n  [project.entry-points.'cwltest.fsaccess']\n  fsaccess = 'my_cwl_runner.fsaccess:get_fsaccess'\n\n\nStep 3:\n\nInstall your package in the same Python environemnt as the\ninstallation of *cwltest*. When invoked, *cwltest* will query Python\npackage metadata for a package with the *cwltest.fsaccess* entry point\nand call it to get back a custom filesystem access object.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcommon-workflow-language%2Fcwltest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcommon-workflow-language%2Fcwltest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcommon-workflow-language%2Fcwltest/lists"}