{"id":13430299,"url":"https://github.com/csound/csound","last_synced_at":"2026-03-04T20:12:25.314Z","repository":{"id":15317562,"uuid":"18047592","full_name":"csound/csound","owner":"csound","description":"Main repository for Csound","archived":false,"fork":false,"pushed_at":"2026-02-24T23:15:56.000Z","size":134336,"stargazers_count":1451,"open_issues_count":25,"forks_count":203,"subscribers_count":99,"default_branch":"develop","last_synced_at":"2026-02-25T03:34:53.271Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://csound.com","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-2.1","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/csound.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-03-24T00:47:43.000Z","updated_at":"2026-02-24T14:30:11.000Z","dependencies_parsed_at":"2023-02-15T20:31:42.544Z","dependency_job_id":"568bbd7d-4aa4-4ae9-9f5d-d5e1135de162","html_url":"https://github.com/csound/csound","commit_stats":{"total_commits":16084,"total_committers":108,"mean_commits":"148.92592592592592","dds":0.8185152947028103,"last_synced_commit":"ddd9c7cb4833b6393754661d1416deddf12f9328"},"previous_names":[],"tags_count":91,"template":false,"template_full_name":null,"purl":"pkg:github/csound/csound","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/csound%2Fcsound","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/csound%2Fcsound/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/csound%2Fcsound/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/csound%2Fcsound/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/csound","download_url":"https://codeload.github.com/csound/csound/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/csound%2Fcsound/sbom","scorecard":{"id":279842,"data":{"date":"2025-08-11","repo":{"name":"github.com/csound/csound","commit":"0eeaee9cc063244fefe2aa936a816dfd9ab7b721"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.6,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: topLevel 'packages' permission set to 'write': .github/workflows/csound_build_images.yml:10","Warn: no topLevel permission defined: .github/workflows/csound_builds.yml:1","Warn: no topLevel permission defined: .github/workflows/csound_wasm.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING:0","Info: FSF or OSI recognized license: GNU Lesser General Public License v2.1: COPYING:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: Android/CsoundForAndroid/gradle/wrapper/gradle-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/csound_build_images.yml:13"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 7.0.0-beta.3 not signed: https://api.github.com/repos/csound/csound/releases/238776790","Warn: release artifact 7.0.0-beta.2 not signed: https://api.github.com/repos/csound/csound/releases/235389684","Warn: release artifact 7.0.0-beta.1 not signed: https://api.github.com/repos/csound/csound/releases/234560404","Warn: release artifact 6.18.1 not signed: https://api.github.com/repos/csound/csound/releases/84074575","Warn: release artifact 6.18.0 not signed: https://api.github.com/repos/csound/csound/releases/79987073","Warn: release artifact 7.0.0-beta.3 does not have provenance: https://api.github.com/repos/csound/csound/releases/238776790","Warn: release artifact 7.0.0-beta.2 does not have provenance: https://api.github.com/repos/csound/csound/releases/235389684","Warn: release artifact 7.0.0-beta.1 does not have provenance: https://api.github.com/repos/csound/csound/releases/234560404","Warn: release artifact 6.18.1 does not have provenance: https://api.github.com/repos/csound/csound/releases/84074575","Warn: release artifact 6.18.0 does not have provenance: https://api.github.com/repos/csound/csound/releases/79987073"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: unclosed here-document 'EOF': installer/linux/d32.sh:0","Info: Possibly incomplete results: error parsing shell code: unclosed here-document 'EOF': installer/linux/d64.sh:0","Info: Possibly incomplete results: error parsing shell code: unclosed here-document 'EOF': installer/linux/f32.sh:0","Info: Possibly incomplete results: error parsing shell code: unclosed here-document 'EOF': installer/linux/f64.sh:0","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_build_images.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_build_images.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:378: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:396: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:558: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:563: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:566: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:576: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:592: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:515: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:520: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:651: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:680: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:315: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:341: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:346: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:349: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:609: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:615: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:625: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:695: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:701: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:707: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:714: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:730: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:441: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:444: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:488: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_builds.yml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_builds.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csound_wasm.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/csound/csound/csound_wasm.yml/develop?enable=pin","Warn: containerImage not pinned by hash: DockerFiles/Emscripten/Dockerfile:3: pin your Docker image by updating ubuntu:latest to ubuntu:latest@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: DockerFiles/android/Dockerfile:3: pin your Docker image by updating npetrovsky/docker-android-sdk-ndk to npetrovsky/docker-android-sdk-ndk@sha256:1d89684916053b3a28d4f2df72d86bb25b0dcb58b1fe17efcf824210cf54cfe5","Warn: containerImage not pinned by hash: DockerFiles/linux/Dockerfile.opensuse:2: pin your Docker image by updating opensuse/leap to opensuse/leap@sha256:f2c9408ba749d229fe09fbdfd36f4e87bbb77b77fb55c58a28ff93595cab9fd2","Warn: containerImage not pinned by hash: platform/android/Dockerfile:1","Warn: containerImage not pinned by hash: platform/android/Dockerfile:45: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: platform/ioscross/Dockerfile:1","Warn: containerImage not pinned by hash: platform/ioscross/Dockerfile:136: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: platform/mingw64-linux/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: platform/osxcross/Dockerfile:1","Warn: containerImage not pinned by hash: platform/osxcross/Dockerfile:60: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: platform/wasm/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: wasm/Dockerfile:1: pin your Docker image by updating nixos/nix to nixos/nix@sha256:7894650fb65234b35c80010e6ca44149b70a4a216118a6b7e5c6f6ae377c8d21","Warn: downloadThenRun not pinned by hash: DockerFiles/Emscripten/Dockerfile:37","Warn: npmCommand not pinned by hash: DockerFiles/Emscripten/Dockerfile:41","Warn: pipCommand not pinned by hash: platform/wasm/Dockerfile:20","Info:   0 out of  40 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  33 third-party GitHubAction dependencies pinned","Info:   0 out of  12 containerImage dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"38 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq","Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488","Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-mxhp-79qh-mcx6","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-w5fc-gj3h-26rx","Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T15:27:43.367Z","repository_id":15317562,"created_at":"2025-08-17T15:27:43.367Z","updated_at":"2025-08-17T15:27:43.367Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30091761,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T19:41:02.502Z","status":"ssl_error","status_checked_at":"2026-03-04T19:40:05.550Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T02:00:51.965Z","updated_at":"2026-03-04T20:12:25.271Z","avatar_url":"https://github.com/csound.png","language":"C","readme":"# CSOUND\nVersion 7.0.0 (beta)\n\nThis is the develop branch of the Csound main code repository. At\nthe moment, we are developing the next main version (moving from 6.x\nto 7.0), and this branch reflects current work-in-progress. This is\nstill undergoing changes and fixes until the first release. The\nlatest beta release installers for MacOS, iOS, and Windows can be\ndownloaded from the relevant\n[github actions page](https://github.com/csound/csound/actions/workflows/csound_builds.yml).\nSelecting the latest develop build brings a page with the download\nartefacts at the bottom.\n\n\nAnyone seeking the latest 6.x version please checkout the csound6\nbranch (or the master branch, containing the latest and final release\nof this version). Note that 6.x is EOL and no more releases of that\nversion are planned.\n\n![Build Status](https://github.com/csound/csound/actions/workflows/csound_builds.yml/badge.svg?branch=develop)\n\u003c!--- ![Coverity Status](https://scan.coverity.com/projects/1822/badge.svg) ---\u003e\nA sound and music computing system.\n\nCsound is copyright (c) 1991-2024 The Csound Developers, see CONTRIBUTORS\n\nCsound is free software; you can redistribute them\nand/or modify them under the terms of the GNU Lesser General Public\nLicense as published by the Free Software Foundation; either\nversion 2.1 of the License, or (at your option) any later version.\n\nCsound is distributed in the hope that they will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU Lesser General Public License for more details.\n\nYou should have received a copy of the GNU Lesser General Public\nLicense along with this software; if not, write to the Free Software\nFoundation, Inc., 31 Milk Street, #960789, Boston, MA, 02196, USA\n\n# GETTING STARTED\n\nThis repository contains the code for the core Csound library, the\ninterfaces library, and the command-line interface frontend. It also\ncontains specific code for ports to various embedded, mobile and web platforms.\n\nFor general project information, please look at http://csound.com,\nwhere all details about Csound, what it does, its history, music\nmade with it, and many other things can be found.\n\nThe Csound Reference Manual can be found online at http://docs.csound.com.\n\nThe Csound API application programming interface reference \nmay be found online at http://csound.github.io/docs/api/index.html.\n\nInformation on how to build Csound on various platforms is given in\nthe BUILD.md file at the top level directory of this repository.\n\nInformation about build pipelines with Azure and Github actions is given in\n[DockerFiles/Readme.md](DockerFiles/ReadMe.md).\n\n# CONTRIBUTORS\n\nCsound contains contributions from musicians, scientists, and programmers\nfrom around the world. They include (but are not limited to):\n\n* Allan Lee\n* Andres Cabrera\n* Anthony Kozar\n* Barry Vercoe\n* Bill Gardner\n* Bill Verplank\n* Dan Ellis\n* David Macintyre\n* Ed Costello\n* Eli Breder\n* Fabio P. Bertolotti\n* Felipe Sataler\n* François Pinot\n* Gabriel Maldonado\n* Greg Sullivan\n* Hans Mikelson\n* Henri Manson\n* Ian McCurdy\n* Istvan Varga\n* Jean Piché\n* Joachim Heintz\n* John Ramsdell\n* John ffitch\n* Marc Resibois\n* Mark Dolson\n* Matt Ingalls\n* Max Mathews\n* Michael Casey\n* Michael Clark\n* Michael Gogins\n* Mike Berry\n* Nate Whetsell\n* Paris Smaragdis\n* Perry Cook\n* Peter Neubäcker\n* Peter Nix\n* Rasmus Ekman\n* Richard Dobson\n* Richard Karpen\n* Rob Shaw\n* Robin Whittle\n* Rory Walsh\n* Sean Costello\n* Stephen Kyne\n* Steven Yi\n* Tito Latini\n* Tom Erbe\n* Victor Lazzarini\n* Ville Pulkki\n* Werner Mendizabal\n","funding_links":[],"categories":["C","Expert Systems","Miscellaneous open source audio code/projects"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcsound%2Fcsound","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcsound%2Fcsound","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcsound%2Fcsound/lists"}