{"id":15066453,"url":"https://github.com/fischerscode/uptodate","last_synced_at":"2026-02-03T04:33:19.572Z","repository":{"id":42900082,"uuid":"411033287","full_name":"fischerscode/uptodate","owner":"fischerscode","description":"Keep your repository 'uptodate'.","archived":false,"fork":false,"pushed_at":"2023-09-04T13:22:18.000Z","size":111,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-11-10T16:35:35.818Z","etag":null,"topics":["actions","dartlang","dependencies","helm","uptodate"],"latest_commit_sha":null,"homepage":"","language":"Dart","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fischerscode.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-27T20:27:59.000Z","updated_at":"2024-04-18T03:37:55.000Z","dependencies_parsed_at":"2024-09-25T01:08:14.366Z","dependency_job_id":"60d239bf-54ed-4b16-be40-d37e898094ce","html_url":"https://github.com/fischerscode/uptodate","commit_stats":{"total_commits":95,"total_committers":2,"mean_commits":47.5,"dds":"0.021052631578947323","last_synced_commit":"671a2dcf15919dc5d7832eba79bf6cb2d74278cf"},"previous_names":[],"tags_count":29,"template":false,"template_full_name":null,"purl":"pkg:github/fischerscode/uptodate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fischerscode%2Fuptodate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fischerscode%2Fuptodate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fischerscode%2Fuptodate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fischerscode%2Fuptodate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fischerscode","download_url":"https://codeload.github.com/fischerscode/uptodate/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fischerscode%2Fuptodate/sbom","scorecard":{"id":401277,"data":{"date":"2025-08-11","repo":{"name":"github.com/fischerscode/uptodate","commit":"5e8defdb21701bdef06b623c17c426cfb6951ad3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.1,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/24 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/ci.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/ci.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/fischerscode/uptodate/release.yaml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Warn: no topLevel permission defined: .github/workflows/release.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.8.0 not signed: https://api.github.com/repos/fischerscode/uptodate/releases/91313420","Warn: release artifact v0.7.1 not signed: https://api.github.com/repos/fischerscode/uptodate/releases/65926101","Warn: release artifact v0.7.0 not signed: https://api.github.com/repos/fischerscode/uptodate/releases/60986864","Warn: release artifact v0.7.0-rc1 not signed: https://api.github.com/repos/fischerscode/uptodate/releases/60986533","Warn: release artifact v0.6.1 not signed: https://api.github.com/repos/fischerscode/uptodate/releases/56695632","Warn: release artifact v0.8.0 does not have provenance: https://api.github.com/repos/fischerscode/uptodate/releases/91313420","Warn: release artifact v0.7.1 does not have provenance: https://api.github.com/repos/fischerscode/uptodate/releases/65926101","Warn: release artifact v0.7.0 does not have provenance: https://api.github.com/repos/fischerscode/uptodate/releases/60986864","Warn: release artifact v0.7.0-rc1 does not have provenance: https://api.github.com/repos/fischerscode/uptodate/releases/60986533","Warn: release artifact v0.6.1 does not have provenance: https://api.github.com/repos/fischerscode/uptodate/releases/56695632"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T20:08:54.968Z","repository_id":42900082,"created_at":"2025-08-18T20:08:54.969Z","updated_at":"2025-08-18T20:08:54.969Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29032941,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T02:28:16.591Z","status":"ssl_error","status_checked_at":"2026-02-03T02:27:48.904Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","dartlang","dependencies","helm","uptodate"],"created_at":"2024-09-25T01:08:11.652Z","updated_at":"2026-02-03T04:33:19.557Z","avatar_url":"https://github.com/fischerscode.png","language":"Dart","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![CI](https://github.com/fischerscode/uptodate/actions/workflows/ci.yaml/badge.svg)](https://github.com/fischerscode/uptodate/actions/workflows/ci.yaml)\n[![](https://img.shields.io/github/v/release/fischerscode/uptodate)](https://github.com/fischerscode/uptodate/releases/latest)\n[![](https://img.shields.io/github/license/fischerscode/uptodate)](https://github.com/fischerscode/uptodate/blob/master/LICENSE)\n[![on release](https://github.com/fischerscode/uptodate/actions/workflows/release.yaml/badge.svg)](https://github.com/fischerscode/uptodate/actions/workflows/release.yaml)\n\nYou can use UpToDate either as a [command line tool](#uptodate-as-a-command-line-tool) or a [GitHub Action](#uptodate-action)\n\n\n# Content\n- [Content](#content)\n- [UpToDate Action](#uptodate-action)\n  - [Usage](#usage)\n- [UpToDate as a command line tool](#uptodate-as-a-command-line-tool)\n  - [Usage](#usage-1)\n- [Configuration](#configuration)\n  - [Config file](#config-file)\n  - [Dependency types](#dependency-types)\n    - [Web dependency](#web-dependency)\n    - [Json web dependency](#json-web-dependency)\n    - [Yaml web dependency](#yaml-web-dependency)\n    - [GitHub dependency](#github-dependency)\n    - [Helm dependency](#helm-dependency)\n\n# UpToDate Action\nThis action helps you to keep your repository up to date, by creating issues as soon as your dependencies changed.\n\n## Usage\n1. Create a workflow like this:\n```yaml\nname: uptodate\n\non:\n  schedule:\n    - cron: \"0 0 * * *\"\n\njobs:\n  uptodate:\n    runs-on: ubuntu-latest\n    steps:\n      # You have to check out your repo first.\n      - uses: actions/checkout@v2\n      - uses: fischerscode/uptodate@v0.7\n        with:\n          # The location of the config file.\n          # Defaults to '.uptodate.yaml'\n          config: ''\n\n          # The token used for creating issues.\n          # Defaults to ${{ github.token }}\n          token: ''\n\n          # The target repository for new issues.\n          # Defaults to ${{ github.repository }}\n          repository: ''\n```\n2. Create the config file `.uptodate.yaml` ([Documentation](#configuration)).\n\n# UpToDate as a command line tool\n\n`dart pub global activate uptodate`\n\nOR\n\nUse a  [prebuilt executable](https://github.com/fischerscode/uptodate/releases/latest).\n\n## Usage\n```\nA tool that helps you to keep your repository up to date.\n\nUsage: uptodate \u003ccommand\u003e [arguments]\n\nGlobal options:\n-h, --help                Print this usage information.\n-f, --file (mandatory)    The config file.\n-v, --[no-]verbose        Detailed output.\n\nAvailable commands:\n  check     Check the dependencies in the config file for updates.\n  github    Check for updates and create issues in your GitHub repository.\n  version   Print uptodate version.\n\nRun \"uptodate help \u003ccommand\u003e\" for more information about a command.\n```\n\n# Configuration\nUptodate is configured using a [single file](#config-file) where all the [dependencies]() and their currently used versions are stored in.\n\n## Config file\n```yaml\ndependencies:   # The unsorted list containing the dependencies.\n  - name: testdependency        # The name of the dependency\n    type: typ                   # The type of the dependency\n    currentVersion: 1.2.3       # The current version of the dependency\n    issueLabels:                # The labels added to the issue\n      - dependencies\n      - test\ndefaultIssueTitle: \"Update $name to $latestVersion\"     # The default issue title\ndefaultIssueBody: \"Update $name to $latestVersion\"      # The default issue body\n```\nIn `defaultIssueTitle` and `defaultIssueBody` the following variables are allowed:\n- `$name`: the name of the dependency\n- `$currentVersion`: the current version of the dependency\n- `$latestVersion`: the latest available version\n\nUsing `issueTitle` every dependency can be override `defaultIssueTitle`.\nUsing `issueBody` every dependency can be override `defaultIssueBody`.\n\n## Dependency types\nThere are multiple dependency types:\n - [Web dependency](#web-dependency)\n - [Json web dependency](#json-web-dependency)\n - [Yaml web dependency](#yaml-web-dependency)\n - [GitHub dependency](#github-dependency)\n - [Helm dependency](#helm-dependency)\n\n### Web dependency\nAn url gets called to receive the latest version of the dependency.\n```yaml\ndependencies:\n  - name: testdependency        # The name of the dependency. (required)\n    type: web                   # The type of the dependency. (required)\n    currentVersion: 1.2.3       # The current version of the dependency. (required)\n    url: 'http://example.com'   # The url that gets called. (required)\n```\n### Json web dependency\nAn url gets called to receive a json document containing the latest version.\n```yaml\ndependencies:\n  - name: testdependency          # The name of the dependency. (required)\n    type: webjson                 # The type of the dependency. (required)\n    currentVersion: 1.2.3         # The current version of the dependency. (required)\n    url: 'http://example.com'     # The url that gets called. (required)\n    path: args.versions.0.version # The path to the latest version. (defaults to '')\n    prefix: v                     # The prefix of the semantic versions. \n                                  # (v1.2.3 instead of 1.2.3)\n                                  # Defaults to ''\n```\n### Yaml web dependency\nAn url gets called to receive a (single) yaml document containing the latest version.\n```yaml\ndependencies:\n  - name: testdependency          # The name of the dependency. (required)\n    type: webyaml                 # The type of the dependency. (required)\n    currentVersion: 1.2.3         # The current version of the dependency. (required)\n    url: 'http://example.com'     # The url that gets called. (required)\n    path: args.versions.0.version # The path to the latest version. (defaults to '')\n    prefix: v                     # The prefix of the semantic versions. \n                                  # (v1.2.3 instead of 1.2.3)\n                                  # Defaults to ''\n```\n### GitHub dependency\nUses a GitHub repository to receive the latest version.\nThe version is gathered from the latest (non pre-)release (or tag) that has the right prefix.\n```yaml\ndependencies:\n  - name: gitdependency            # The name of the dependency. (required)\n    type: github                   # The type of the dependency. (required)\n    currentVersion: v1.2.3         # The current version of the dependency. (required)\n    repo: 'fischerscode/uptodate'  # The repository. (required)\n    isTag: true                    # Wether the version is determined by the latest\n                                   # tag rather then release (defaults to false)\n    path: tag_name                 # The path to the latest version. (defaults to tag_name)\n    prefix: v                      # The prefix of the semantic versions. \n                                   # Is set, releases/tags not matching the prefix are ignored.\n                                   # (v1.2.3 instead of 1.2.3)\n                                   # Defaults to ''\n```\n### Helm dependency\nUses a Helm repository to receive the latest version.\nThe version is gathered from by the yaml path.\n```yaml\ndependencies:\n  - name: helmdependency           # The name of the dependency. (required)\n    type: helm                     # The type of the dependency. (required)\n    currentVersion: v1.2.3         # The current version of the dependency. (required)\n    repo: 'https://helm.traefik.io/traefik'  # The repository. (required)\n    chart: traefik                      # The chart. (required)\n    prefix: v                           # The prefix of the semantic versions. \n                                        # (v1.2.3 instead of 1.2.3)\n                                        # Defaults to ''\n    path: 'entries.traefik.0.version'   # The path to the latest version. (defaults to 'entries.$chart.0.version')\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffischerscode%2Fuptodate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffischerscode%2Fuptodate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffischerscode%2Fuptodate/lists"}