{"id":13533489,"url":"https://github.com/forseti-security/forseti-security","last_synced_at":"2026-01-14T15:23:28.632Z","repository":{"id":41876334,"uuid":"82210080","full_name":"forseti-security/forseti-security","owner":"forseti-security","description":"Forseti Security","archived":true,"fork":false,"pushed_at":"2023-06-05T23:47:26.000Z","size":87743,"stargazers_count":1275,"open_issues_count":20,"forks_count":276,"subscribers_count":80,"default_branch":"master","last_synced_at":"2025-09-27T08:56:28.008Z","etag":null,"topics":["forseti-security","gcp","google-cloud-platform","security-tools"],"latest_commit_sha":null,"homepage":"https://forsetisecurity.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/forseti-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":".github/GOVERNANCE.md","roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-02-16T18:01:26.000Z","updated_at":"2025-07-28T16:00:47.000Z","dependencies_parsed_at":"2024-08-01T07:44:10.418Z","dependency_job_id":null,"html_url":"https://github.com/forseti-security/forseti-security","commit_stats":null,"previous_names":[],"tags_count":67,"template":false,"template_full_name":null,"purl":"pkg:github/forseti-security/forseti-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/forseti-security%2Fforseti-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/forseti-security%2Fforseti-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/forseti-security%2Fforseti-security/rele
ases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/forseti-security%2Fforseti-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/forseti-security","download_url":"https://codeload.github.com/forseti-security/forseti-security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/forseti-security%2Fforseti-security/sbom","scorecard":{"id":407340,"data":{"date":"2025-08-11","repo":{"name":"github.com/forseti-security/forseti-security","commit":"9069bfb04e818e51f484d860a249de0d578d4cf3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous 
patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release 
artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-496j-2rq6-j6cc","Warn: Project is vulnerable to: GHSA-8qvm-5x2c-j2w7","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-cx63-2mw6-8hw5","Warn: Project is vulnerable to: PYSEC-2022-43012 / GHSA-r9hx-vwmv-q579"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \u003c\u003e must be followed by a word: install/scripts/cos_setup_forseti.sh:0","Warn: containerImage not pinned by hash: Dockerfile:16","Warn: containerImage not pinned by 
hash: Dockerfile:36","Warn: containerImage not pinned by hash: Dockerfile:53","Warn: containerImage not pinned by hash: Dockerfile:68","Warn: containerImage not pinned by hash: Dockerfile:77","Warn: containerImage not pinned by hash: Dockerfile:101","Warn: containerImage not pinned by hash: Dockerfile:121","Warn: pipCommand not pinned by hash: Dockerfile:59","Warn: pipCommand not pinned by hash: Dockerfile:61","Warn: pipCommand not pinned by hash: Dockerfile:71","Warn: downloadThenRun not pinned by hash: install/scripts/docker_run_forseti.sh:26","Info:   0 out of   7 containerImage dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T21:41:49.693Z","repository_id":41876334,"created_at":"2025-08-18T21:41:49.693Z","updated_at":"2025-08-18T21:41:49.693Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28424324,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T13:30:50.153Z","status":"ssl_error","status_checked_at":"2026-01-14T13:29:08.907Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while 
reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["forseti-security","gcp","google-cloud-platform","security-tools"],"created_at":"2024-08-01T07:01:20.368Z","updated_at":"2026-01-14T15:23:28.615Z","avatar_url":"https://github.com/forseti-security.png","language":"Python","funding_links":[],"categories":["Google cloud platform","Infrastructure","Python","\u003ca id=\"6730dabeca61fcf64d4f7631abae6734\"\u003e\u003c/a\u003eGoogleCloud\u0026\u0026谷歌云","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集","GCP Security"],"sub_categories":["\u003ca id=\"0476f6b97e87176da0a0d7328f8747e7\"\u003e\u003c/a\u003eblog","Defensive"],"readme":"# Notice of Archiving\n\nDear Forseti users,\n\nWe are writing to inform you that we plan to archive the Forseti-Security repository.\n\nOver the past few years, GCP Security has introduced a host of new features and capabilities that have addressed many security challenges targeted by Forseti. With low community engagement and limited improvements in the last two years, we have decided to place Forseti Security in archive. 
Note that other repos such as Forseti Real-Time-Enforcer and Resource-Policy-Evaluation-Library have also been automatically archived in February 2023 following no activities.\n\nWe plan to complete the archiving process by the end of June 2023.\n\nWhat does this mean for you?\n\n* The Forseti-Security repository will be read-only, meaning that users will not be able to modify or contribute additional code.\n* You will however be able to fork or clone the repository and continue to use it however bearing ownership of your instance.\n* There will be no additional support from Google on Forseti. We are moving the existing support teams to new projects.\n\nWe thank you for your active engagement over the last few years. \n\n---\n\n# Forseti Security\nA community-driven collection of open source tools to improve the security of your Google Cloud Platform environments.\n\n[Get Started](https://forsetisecurity.org/docs/latest/setup/install.html) with Forseti Security.\n\n## Contributing\nWe are continually improving Forseti Security and invite you to submit feature requests and bug reports. If you would like to contribute to our development efforts, please review our [contributing guidelines](/.github/CONTRIBUTING.md) and submit a pull request.\n\n[More info on the branches.](https://forsetisecurity.org/docs/latest/develop/branch-management.html)\n\n### forsetisecurity.org\nIf you would like to contribute to forsetisecurity.org, the website and its content are contained in the `forsetisecurity.org-dev` branch. 
Visit its [README](https://github.com/forseti-security/forseti-security/tree/forsetisecurity.org-dev#forseti-security) for instructions on how to make changes.\n\n## Governance\nFor information on how this project is managed and governed review our [governance](.github/GOVERNANCE.md) guidelines.\n\n## Community \nReview our  [community page](http://forsetisecurity.org/community/) for ways to engage with the Forseti Community.\n\n## Support\nSupport for the Forseti Security product can be obtained through a few channels: \n* Join the [Slack Channel](https://forsetisecurity.org/community/) and engage in discussions with other users and the Forseti community.\n* Ask a question about Forseti and get community support by posting to (discuss@forsetisecurity.org). Posts can receive responses from the community or from engineers on the Forseti team. \n* File a GitHub [issue](https://github.com/forseti-security/forseti-security/issues/new). Issues are typically reviewed and triaged within 24 - 48 hours. \n\n## Releases\nProduct releases will occur on a quarterly schedule. An out of band patch release may occur but only for a critical defect or security issue. \nThe team will support patching critical defects or security issues in the current release and in the  2 previous quarterly releases only. If a defect is found in a release beyond current - 2 customers are expected to upgrade to a current supported version of the product.\n\n## Issue Triage\nThe triage process is a multi-step process that is collaboratively performed by the core project team and our issue bot. Triaging typically should occur within 1 - 2 business days, but may take longer, if the project team is not around.\nThe purpose of triaging is to clearly understand the request and determine the next steps for what will happen with your issue. 
\nIt's straightforward to understand whether or not your issue is triaged: if the issue contains the *triaged :yes* label this indicates the issue has been reviewed and classified by the project team.\nIn the case of a bug a team member may request more details or information in order to better understand the problem, help determine prioritization or aid in reproducing the issue.\nWe close issues for the following reasons:\n| Reason | Label |\n| ------------- | ------------- |\n| The issue is obsolete or already fixed. | N/A |\n| We didn't get the information we needed within 7 days. | issue-review: need-more-information |\n| Given the information we have we can't reproduce the issue or do not feel the issue necessitates a fix.  | issue-review: closed won't fix  |\n| There has been activity on the issue for a significant period of time.  | stale |\n\n###  Assigning  Milestones\nIn addition to [milestones](https://github.com/forseti-security/forseti-security/milestones) representing our iterations for our product [releases](https://github.com/forseti-security/forseti-security/releases) we add additional labels that have special meaning:\n*   `Backlog` Issue to be considered at some point in the future\n*   `1 - Planning` Issues being considered for one of the next 3 iterations. The issue is on the short list to be assigned to a concrete iteration. \n*   `2 - Ready` Issue assigned and scheduled for a specific target milestone release\n*   `3 - Work in progress` Issue is assigned to engineer and is actively working on the issue for targeted milestone release\n\n## Pull Requests\nThe team and community encourages pull requests to fix issues or improve the product. Pull requests are typically reviewed within 48 hours of submission. 
\nIf pull requests become inactive they will be automatically closed, but can be quickly and easily re-opened.\nPlease review the project’s contributing [guidelines](.github/CONTRIBUTING.md) before submitting a pull request.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fforseti-security%2Fforseti-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fforseti-security%2Fforseti-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fforseti-security%2Fforseti-security/lists"}