{"id":36415617,"url":"https://github.com/ehrbase/ehrbase","last_synced_at":"2026-04-02T18:02:36.828Z","repository":{"id":37902104,"uuid":"213594368","full_name":"ehrbase/ehrbase","owner":"ehrbase","description":"An open source openEHR server ","archived":false,"fork":false,"pushed_at":"2026-03-19T15:54:26.000Z","size":88113,"stargazers_count":350,"open_issues_count":75,"forks_count":142,"subscribers_count":23,"default_branch":"develop","last_synced_at":"2026-03-20T00:56:42.927Z","etag":null,"topics":["cdr","clinical","clinical-data","ehr","openehr"],"latest_commit_sha":null,"homepage":"http://ehrbase.org","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ehrbase.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-10-08T08:54:57.000Z","updated_at":"2026-03-19T07:58:47.000Z","dependencies_parsed_at":"2022-07-14T08:09:02.271Z","dependency_job_id":"1d80c360-45a2-4168-bc2d-09949ed891b7","html_url":"https://github.com/ehrbase/ehrbase","commit_stats":null,"previous_names":[],"tags_count":74,"template":false,"template_full_name":null,"purl":"pkg:github/ehrbase/ehrbase","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehrbase%2Fehrbase","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehrbase%2Fehrbase/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehrbase%2Fehrbase/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehrbase%2Fehrbase/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ehrbase","download_url":"https://codeload.github.com/ehrbase/ehrbase/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehrbase%2Fehrbase/sbom","scorecard":{"id":15031,"data":{"date":"2025-08-11","repo":{"name":"github.com/ehrbase/ehrbase","commit":"9636cce4799df09903e18c2b44948b11c882ceca"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.1,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":3,"reason":"Found 7/20 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/check-codeql.yml:31","Info: jobLevel 'contents' permission set to 'read': .github/workflows/check-codeql.yml:32","Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/status.yml:17","Warn: no topLevel permission defined: .github/workflows/build_and_test.yml:1","Warn: no topLevel permission defined: .github/workflows/check-codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/check-style.yml:1","Info: topLevel 'actions' permission set to 'read': .github/workflows/collect-junit-results.yml:14","Warn: topLevel 'checks' permission set to 'write': .github/workflows/collect-junit-results.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/collect-junit-results.yml:13","Warn: no topLevel permission defined: .github/workflows/docker-ehrbase-postgres.yml:1","Warn: no topLevel permission defined: .github/workflows/job-docker-build-push.yml:1","Warn: no topLevel permission defined: .github/workflows/job-integration-test-cli.yml:1","Warn: no topLevel permission defined: .github/workflows/job-maven-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/report-robot-results.yml:13","Warn: no topLevel permission defined: .github/workflows/report-sonar-results.yml:1","Warn: no topLevel permission defined: .github/workflows/status.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: untrusted code checkout '${{ github.event.workflow_run.head_branch }}': .github/workflows/collect-junit-results.yml:29","Warn: untrusted code checkout '${{ github.event.workflow_run.head_branch }}': .github/workflows/report-sonar-results.yml:22"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:482: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:522: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:528: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:534: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:567: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:634: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:319: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:385: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:393: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:277: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:441: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:448: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_and_test.yml:455: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/build_and_test.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-codeql.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-codeql.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-codeql.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-codeql.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-codeql.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-codeql.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-codeql.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-codeql.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-codeql.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-codeql.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-style.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-style.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-style.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/check-style.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/collect-junit-results.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/collect-junit-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/collect-junit-results.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/collect-junit-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/collect-junit-results.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/collect-junit-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-ehrbase-postgres.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/docker-ehrbase-postgres.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/job-docker-build-push.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-docker-build-push.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-integration-test-cli.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-integration-test-cli.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-maven-publish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-maven-publish.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-maven-publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-maven-publish.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-maven-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-maven-publish.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/job-maven-publish.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/job-maven-publish.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/release.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/release.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-robot-results.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-robot-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/report-robot-results.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-robot-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-sonar-results.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-sonar-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-sonar-results.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-sonar-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-sonar-results.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-sonar-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-sonar-results.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-sonar-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-sonar-results.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/ehrbase/ehrbase/report-sonar-results.yml/develop?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2: pin your Docker image by updating eclipse-temurin:21-jre-alpine to eclipse-temurin:21-jre-alpine@sha256:4ca7eff3ab0ef9b41f5fefa35efaeda9ed8d26e161e1192473b24b3a6c348aef","Warn: containerImage not pinned by hash: Dockerfile_postgres:4","Warn: containerImage not pinned by hash: tests/DockerfileJacocoCLI:4","Warn: containerImage not pinned by hash: tests/DockerfileJacocoCLI:22: pin your Docker image by updating eclipse-temurin:21-jre-alpine to eclipse-temurin:21-jre-alpine@sha256:4ca7eff3ab0ef9b41f5fefa35efaeda9ed8d26e161e1192473b24b3a6c348aef","Warn: containerImage not pinned by hash: tests/DockerfileTest:6","Warn: containerImage not pinned by hash: tests/DockerfileTest:24","Info:   0 out of  54 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  15 third-party GitHubAction dependencies pinned","Info:   0 out of   6 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build_and_test.yml:98"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 15 commits out of 17 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-pq2g-wx69-c263","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v","Warn: Project is vulnerable to: GHSA-hq9p-pm7w-8p54"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T15:34:43.505Z","repository_id":37902104,"created_at":"2025-08-14T15:34:43.505Z","updated_at":"2025-08-14T15:34:43.505Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31312744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cdr","clinical","clinical-data","ehr","openehr"],"created_at":"2026-01-11T16:58:12.677Z","updated_at":"2026-04-02T18:02:36.816Z","avatar_url":"https://github.com/ehrbase.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EHRbase\n\n![Maven Central](https://img.shields.io/maven-central/v/org.ehrbase.openehr/server) ![Docker Image Version (latest semver)](https://img.shields.io/docker/v/ehrbase/ehrbase?sort=semver) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=ehrbase_ehrbase\u0026metric=alert_status)](https://sonarcloud.io/summary/new_code?id=ehrbase_ehrbase) [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](CODE_OF_CONDUCT.md)\n\n[![EHRbase Logo](ehrbase.png)](ehrbase.png)\n\nEHRbase is an [openEHR](https://www.openehr.org/) Clinical Data Repository, providing a standard-based backend for\ninteroperable clinical applications. It implements the latest version of the openEHR Reference Model (RM 1.1.0) and\nversion 1.4 of the Archetype Definition Language (ADL). Applications can use the capabilities of EHRbase through the\nlatest version of the [openEHR REST API](https://specifications.openehr.org/releases/ITS-REST/latest/) and model-based\nqueries using the [Archetype Query Language](https://specifications.openehr.org/releases/QUERY/latest/AQL.html).\n\n----\n\n## Release notes\n\nPlease check the [CHANGELOG](https://github.com/ehrbase/ehrbase/blob/develop/CHANGELOG.md)\n\n## Documentation\n\nCheck out the documentation at https://docs.ehrbase.org\n\n## Quick Start: Run EHRbase with Docker\n\n\u003e [!TIP]\n\u003e The fastest way to get started with EHRbase and openEHR is the **EHRbase Sandbox** available at https://sandkiste.ehrbase.org/.\n\u003e \n\u003e For a deployment on premise read below.\n\nCheck out the Installation guide at https://docs.ehrbase.org/docs/EHRbase/installation\n\n## Building and Installing EHRbase\n\nThese instructions will get you a copy of the project up and running on your local machine **for development and testing\npurposes**. Please read these instructions carefully. See [deployment](#deployment) for notes on how to deploy the\nproject on a live system.\n\n### Prerequisites\n\nYou will need Java JDK/JRE 25 (preferably openJDK: e.g. from https://adoptopenjdk.net/)\n\nDocker is required to build EHRbase.\n\nYou will need a Postgres Database (at least Version 15 or higher, Version 16 recommended) (Docker image or local installation).\nWe recommend the Docker image to get started quickly.\n\n### Installing\n\n#### 1. Setup database\n\nRun `./createdb.sql` as `postgres` User.\n\nYou can also use this Docker image which is a preconfigured Postgres database:\n\n```shell\n    docker network create ehrbase-net\n    docker run --name ehrdb --network ehrbase-net -e POSTGRES_PASSWORD=postgres -d -p 5432:5432 ehrbase/ehrbase-v2-postgres:16.2\n```\n\n(For a preconfigured EHRbase application Docker image and its usage see the [Installation](https://docs.ehrbase.org/docs/EHRbase/installation) guide.\n\n#### 2. Setup Maven environment\n\nEdit the database properties in  `./pom.xml` if necessary\n\n#### 3. Build EHRbase\n\nRun `mvn package`\n\n#### 4. Run EHRbase\n\nReplace the * with the current version, e.g. `application/target/ehrbase-2.0.0.jar`\n\n`java -jar application/target/ehrbase-*.jar`\n\n### Authentication Types\n\n#### 1. Basic Auth\n\nEHRbase can use Basic Authentication for all resources. This means you have to send an 'Authorization' header\nset with keyword `Basic` followed by the authentication information in Base64 encoded username and password. To\ngenerate the Base64 encoded username and password combination create the string after the following schema:\n`username:password`.\n\nThe Basic Auth mechanism is implemented as \"opt-in\" and can be activated either by providing an environment variable\n`SECURITY_AUTHTYPE=BASIC` with the start command or by adding the value into the target application.yml file.\n\nCurrently we have support one user with password which can be set via environment variables `SECURITY_AUTHUSER` and\n`SECURITY_AUTHPASSWORD`. By default these values are set with `ehrbase-user` and `authPassword=SuperSecretPassword`\nand can be overridden by environment values. Alternatively you can set them inside the corresponding application.yml\nfile.\n\nThe same applies to the *admin* user, via `SECURITY_AUTHADMINUSER`, `SECURITY_AUTHADMINPASSWORD`\nand their default values of `ehrbase-admin` and `EvenMoreSecretPassword`.\n\n#### 2. OAuth2\n\nEnvironment variable `SECURITY_AUTHTYPE=OAUTH` is enabling OAuth2 authentication.\n\nAdditionally, setting the following variable to point to the existing OAuth2 server and realm is necessary:\n`SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUERURI=http://localhost:8081/auth/realms/ehrbase`\n\nTwo roles are available: a user role, and admin role. By default, these roles are expected to be named `USER` and\n`ADMIN`. The names of these roles can be customised through the `SECURITY_OAUTH2USERROLE` and `SECURITY_OAUTH2ADMINROLE`\nenvironment variables. Users should have their roles assigned accordingly, either in the `realm_access.roles` or `scope`\nclaim of the JWT used for authentication.\n\n## Contributing\n\n### Codestyle/Formatting\n\nEHRbase java sourcecode is using [palantir-java-format](https://github.com/palantir/palantir-java-format) codestyle.\nThe formatting is checked and applied using\nthe [spotless-maven-plugin](https://github.com/diffplug/spotless/tree/main/plugin-maven).\nTo apply the codestyle run the `com.diffplug.spotless:spotless-maven-plugin:apply` maven goal in the root directory of\nthe project.\nTo check if the code conforms to the codestyle run the `com.diffplug.spotless:spotless-maven-plugin:check` maven goal in\nthe root directory of the project.\nThese maven goals can also be run for a single module by running them in the modules' subdirectory.\n\nTo make sure all code conforms to the codestyle, the \"check-codestyle\" check is run on all pull requests.\nPull requests not passing this check shall not be merged.\n\nIf you wish to automatically apply the formatting on commit for *.java files, a simple pre-commit hook script \"\npre-commit.sh\" is available in the root directory of this repository.\nTo enable the hook you can either copy the script to or create a symlink for it at `.git/hooks/pre-commit`.\nThe git hook will run the \"apply\" goal for the whole project, but formatting changes will only be staged for already\nstaged files, to avoid including unrelated changes.\n\nIn case there is a section of code that you carefully formatted in a special way the formatting can be turned off for\nthat section like this:\n\n```\neverything here will be reformatted..\n\n// @formatter:off\n\n    This is not affected by spotless-plugin reformatting...\n            And will stay as is it is!\n\n// @formatter:on\n\neverything here will be reformatted..\n```\n\nPlease be aware that `@formatter:off/on` should only be used on rare occasions to increase readability of complex code and shall be looked at critically when reviewing merge requests.\n\n## Running the tests\n\nFor integration tests please refer to the [integration-test](https://github.com/ehrbase/integration-tests) repository\n\n## Deployment\n\n 1. `java -jar application/target/ehrbase-*.jar` You can override the application properties (like database settings) using the normal spring boot mechanism: [Command-Line Arguments in Spring Boot](https://www.baeldung.com/spring-boot-command-line-arguments)\n 2. Browse to Swagger UI --\u003e http://localhost:8080/ehrbase/swagger-ui.html\n\n## Updating\n\nBefore updating to a new version of EHRBase check [UPDATING.md](UPDATING.md) for any backwards-incompatible changes and additional\nsteps needed in EHRBase. New Releases may introduce DB changes. It is thus recommend to make a DB backup before\nupdating.\n\n## Built With\n\n* [Maven](https://maven.apache.org/) - Dependency Management\n\n----\n\n## Acknowledgments\n\nEHRbase contains code and derived code from EtherCIS (ethercis.org) which has been developed by Christian Chevalley (\nADOC Software Development Co.,Ltd).\nDr. Tony Shannon and Phil Berret of the [Ripple Foundation CIC Ltd, UK](https://ripple.foundation/) and Dr. Ian\nMcNicoll (FreshEHR Ltd.) greatly contributed to EtherCIS.\n\nEHRbase heavily relies on the openEHR Reference Model implementation ([Archie](https://github.com/openEHR/archie)) made\nby Nedap. Many thanks to Pieter Bos and his team for their work!\n\nEHRbase is jointly developed by [Vitasystems GmbH](https://www.vitagroup.ag/de_DE/Ueber-uns/vitasystems)\nand [Peter L. Reichertz Institute for Medical Informatics of TU Braunschweig and Hannover Medical School](https://www.plri.de/)\n\n\n## License\n\nEHRbase uses the [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0)\n\n## Stargazers over time\n\n[![Stargazers over time](https://starchart.cc/ehrbase/ehrbase.svg)](https://starchart.cc/ehrbase/ehrbase)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fehrbase%2Fehrbase","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fehrbase%2Fehrbase","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fehrbase%2Fehrbase/lists"}