{"id":13573017,"url":"https://github.com/gnolang/gno","last_synced_at":"2026-01-14T11:51:45.936Z","repository":{"id":37247002,"uuid":"334215717","full_name":"gnolang/gno","owner":"gnolang","description":"Gno: An interpreted, stack-based Go virtual machine to build succinct and composable apps + gno.land: a blockchain for timeless code and fair open-source.","archived":false,"fork":false,"pushed_at":"2026-01-12T03:01:23.000Z","size":130770,"stargazers_count":1043,"open_issues_count":602,"forks_count":446,"subscribers_count":66,"default_branch":"master","last_synced_at":"2026-01-12T03:04:30.847Z","etag":null,"topics":["bft","blockchain","composability","concurrency","cosmos","fairness","gno","gnoland","gnolang","gnovm","golang","hacktoberfest","interpreter","proof-of-contribution","smart-contracts","tendermint","tendermint2","truth-discovery","virtual-machine","web3"],"latest_commit_sha":null,"homepage":"https://gno.land/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gnolang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-01-29T17:28:08.000Z","updated_at":"2026-01-11T09:30:47.000Z","dependencies_parsed_at":"2023-10-01T17:56:27.240Z","dependency_job_id":"e4b78fbd-d775-4f23-b48e-053d03cec6a5","html_url":"https://github.com/gnolang/gno","commit_stats":null,"previous_names":[],"tags_count":36,"template":false,"template_full_name":null,"purl":"pkg:github/gnolang/gno","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gnolang%2Fgno","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gnolang%2Fgno/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gnolang%2Fgno/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gnolang%2Fgno/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gnolang","download_url":"https://codeload.github.com/gnolang/gno/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gnolang%2Fgno/sbom","scorecard":{"id":355962,"data":{"date":"2025-08-11","repo":{"name":"github.com/gnolang/gno","commit":"083697686a2d79e2bfaf59997f558a3a16dcbf15"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7.3,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'actions' permission set to 'write': .github/workflows/bot-proxy.yml:25","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/bot.yml:53","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:41","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:42","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/dependabot-tidy.yml:15","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/labeler.yml:8","Warn: topLevel 'deployments' permission set to 'write': .github/workflows/benchmark-master-push.yml:15","Warn: topLevel 'contents' permission set to 'write': .github/workflows/benchmark-master-push.yml:17","Warn: no topLevel permission defined: .github/workflows/bot-proxy.yml:1","Warn: no topLevel permission defined: .github/workflows/bot.yml:1","Warn: no topLevel permission defined: .github/workflows/build_template.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/contribs.yml:1","Warn: no topLevel permission defined: .github/workflows/dependabot-tidy.yml:1","Warn: no topLevel permission defined: .github/workflows/dependabot-validate.yml:1","Warn: no topLevel permission defined: .github/workflows/docs-deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/docs-generate.yml:1","Warn: no topLevel permission defined: .github/workflows/e2e.yml:1","Warn: no topLevel permission defined: .github/workflows/examples-bot.yml:1","Warn: no topLevel permission defined: .github/workflows/examples.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/fossa.yml:19","Warn: no topLevel permission defined: .github/workflows/genesis-verify.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/gh-pages.yml:15","Warn: no topLevel permission defined: .github/workflows/gnofmt_template.yml:1","Warn: no topLevel permission defined: .github/workflows/gnoland.yml:1","Warn: no topLevel permission defined: .github/workflows/gnovm.yml:1","Warn: no topLevel permission defined: .github/workflows/labeler.yml:1","Warn: no topLevel permission defined: .github/workflows/lint-pr-title.yml:1","Warn: no topLevel permission defined: .github/workflows/lint_template.yml:1","Warn: no topLevel permission defined: .github/workflows/main_template.yml:1","Warn: no topLevel permission defined: .github/workflows/misc.yml:1","Warn: no topLevel permission defined: .github/workflows/mod-tidy.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/releaser-master.yml:13","Warn: topLevel 'packages' permission set to 'write': .github/workflows/releaser-master.yml:15","Warn: topLevel 'contents' permission set to 'write': .github/workflows/releaser-nightly.yml:9","Warn: topLevel 'packages' permission set to 'write': .github/workflows/releaser-nightly.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/staging.yml:14","Warn: topLevel 'packages' permission set to 'write': .github/workflows/staging.yml:15","Warn: no topLevel permission defined: .github/workflows/test_template.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/testnets_build.yml:11","Warn: topLevel 'actions' permission set to 'write': .github/workflows/testnets_build.yml:12","Warn: topLevel 'packages' permission set to 'write': .github/workflows/testnets_build.yml:13","Warn: no topLevel permission defined: .github/workflows/tm2.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: GoBuiltInFuzzer integration found: tm2/pkg/iavl/tree_fuzz_test.go:196","Info: GoBuiltInFuzzer integration found: tm2/pkg/iavl/tree_fuzz_test.go:249"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/releaser-master.yml:18"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: tm2/pkg/crypto/aminoscan:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 11 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-author-assign.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/auto-author-assign.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-master-push.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/benchmark-master-push.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-master-push.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/benchmark-master-push.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-master-push.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/benchmark-master-push.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark-master-push.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/benchmark-master-push.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot-proxy.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot-proxy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bot.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_template.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/build_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_template.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/build_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/contribs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/contribs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-tidy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/dependabot-tidy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-tidy.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/dependabot-tidy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependabot-tidy.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/dependabot-tidy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-validate.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/dependabot-validate.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependabot-validate.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/dependabot-validate.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/docs-deploy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-generate.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/docs-generate.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-generate.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/docs-generate.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/e2e.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/e2e.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/examples.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fossa.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/fossa.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fossa.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/fossa.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fossa.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/fossa.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/genesis-verify.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/genesis-verify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/genesis-verify.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/genesis-verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/genesis-verify.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/genesis-verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gh-pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnofmt_template.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnofmt_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnofmt_template.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnofmt_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnoland.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnoland.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnoland.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnoland.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnoland.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnoland.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnoland.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnoland.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnoland.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/gnoland.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/labeler.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/labeler.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-pr-title.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/lint-pr-title.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint_template.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/lint_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint_template.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/lint_template.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint_template.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/lint_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mod-tidy.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/mod-tidy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mod-tidy.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/mod-tidy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-master.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-master.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/releaser-nightly.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/releaser-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/staging.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/staging.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/staging.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/staging.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/staging.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale-bot.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/stale-bot.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test_template.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/test_template.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test_template.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/test_template.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test_template.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/test_template.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/testnets_build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/testnets_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/testnets_build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/testnets_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/testnets_build.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/testnets_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/testnets_build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/gnolang/gno/testnets_build.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2","Warn: containerImage not pinned by hash: Dockerfile:31","Warn: containerImage not pinned by hash: Dockerfile:41","Warn: containerImage not pinned by hash: Dockerfile:53","Warn: containerImage not pinned by hash: Dockerfile:63","Warn: containerImage not pinned by hash: Dockerfile:73","Warn: containerImage not pinned by hash: Dockerfile:84","Warn: containerImage not pinned by hash: Dockerfile:91","Warn: containerImage not pinned by hash: Dockerfile:103","Warn: containerImage not pinned by hash: Dockerfile:111","Warn: containerImage not pinned by hash: Dockerfile:118","Warn: containerImage not pinned by hash: Dockerfile:125","Warn: containerImage not pinned by hash: Dockerfile:137","Warn: containerImage not pinned by hash: Dockerfile:146","Warn: containerImage not pinned by hash: Dockerfile:156","Warn: containerImage not pinned by hash: Dockerfile:165","Warn: containerImage not pinned by hash: Dockerfile.release:4","Warn: containerImage not pinned by hash: Dockerfile.release:12","Warn: containerImage not pinned by hash: Dockerfile.release:27","Warn: containerImage not pinned by hash: Dockerfile.release:34","Warn: containerImage not pinned by hash: Dockerfile.release:42","Warn: containerImage not pinned by hash: Dockerfile.release:50","Warn: containerImage not pinned by hash: Dockerfile.release:64","Warn: containerImage not pinned by hash: Dockerfile.release:75","Warn: downloadThenRun not pinned by hash: .github/workflows/fossa.yml:46","Info:   0 out of  62 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  28 third-party GitHubAction dependencies pinned","Info:   0 out of  24 containerImage dependencies pinned","Info:   3 out of   3 goCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3770 / GHSA-vrw8-fxc6-2r93","Warn: Project is vulnerable to: GHSA-q7pp-wcgr-pffx","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3829 / GHSA-4vq8-7jfc-9cvp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T09:35:33.660Z","repository_id":37247002,"created_at":"2025-08-18T09:35:33.660Z","updated_at":"2025-08-18T09:35:33.660Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28419272,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T10:47:48.104Z","status":"ssl_error","status_checked_at":"2026-01-14T10:46:19.031Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bft","blockchain","composability","concurrency","cosmos","fairness","gno","gnoland","gnolang","gnovm","golang","hacktoberfest","interpreter","proof-of-contribution","smart-contracts","tendermint","tendermint2","truth-discovery","virtual-machine","web3"],"created_at":"2024-08-01T15:00:26.860Z","updated_at":"2026-01-14T11:51:45.930Z","avatar_url":"https://github.com/gnolang.png","language":"Go","funding_links":[],"categories":["Blockchain","Golang","Recently Updated","Official Links","Go","区块链"],"sub_categories":["[Sep 15, 2024](/content/2024/09/15/README.md)"],"readme":"# Gno\n\n[![License](https://img.shields.io/badge/license-GNO%20GPL%20v5-blue.svg)](LICENSE.md)\n[![Go Reference](https://pkg.go.dev/badge/hey/google)](https://gnolang.github.io/gno/github.com/gnolang/gno.html)\n\n\u003e At first, there was Bitcoin, out of entropy soup of the greater All.\n\u003e Then, there was Ethereum, which was created in the likeness of Bitcoin,\n\u003e but made Turing complete.\n\u003e\n\u003e Among these were Tendermint and Cosmos to engineer robust PoS and IBC.\n\u003e Then came Gno upon Cosmos and there spring forth Gnoland,\n\u003e simulated by the Gnomes of the Greater Resistance.\n\n**Gno is a blockchain platform that interprets a deterministic variant of Go \nfor writing smart contracts, built on Tendermint consensus.**\n\nGno is an interpreted and fully-deterministic implementation of the Go\nprogramming language, designed to build succinct and composable smart contracts.\nThe first blockchain to use it is gno.land, a contribution-based chain, backed\nby a variation of the [Tendermint](./tm2) consensus engine.\n\nPLEASE NOTE: This is NOT the same project or token as the excellent Gnosis.io project.\n\n## Getting Started\n\nExplore Gno through our comprehensive documentation:\n\n- **[For Users](./docs#use-gnoland)** - Learn how to use Gno applications, \n  manage accounts, and interact with the blockchain\n- **[For Builders](./docs#build-on-gnoland)** - Start writing smart contracts, \n  understand the Gno language, and deploy your applications  \n- **[Resources](./docs#resources)** - Technical specifications, best \n  practices, and advanced topics\n\nVisit [gno.land](https://gno.land) to see live smart contracts in action.\n\n## Key Features\n\n- **Go Syntax**: If you know Go, you know Gno\n- **Deterministic Execution**: Fully predictable contract behavior\n- **Composable Packages**: Import and reuse code like regular Go\n- **Auto-Persisted State**: Global variables automatically saved between calls\n- **Contribution System**: Rewarding open source contributors\n- **Developer Experience**: Comprehensive tooling including testing, \n  debugging, and hot-reload development\n\n## Documentation\n\n- [Documentation](./docs/) - Complete documentation portal\n- [Examples](./examples) - Sample contracts and patterns\n- [Go API Reference](https://gnolang.github.io/gno/github.com/gnolang/gno.html) - \n  Go package documentation\n\n## Gno Playground\n\u003ca href=\"https://play.gno.land/p/VxDC6AmKmK6?run.expr=println(Render(%22%22))\"\u003e\n  \u003cimg alt=\"play.gno.land\" src=\"https://img.shields.io/badge/Play-Hello_World-691a00.svg?logo=data:image/svg%2bxml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGZpbGw9Im5vbmUiIHZpZXdCb3g9IjAgMCAxNTggMTU4Ij48cGF0aCBkPSJtMTU2IDItNiA1LTIgMmE1NCA1NCAwIDAgMS0yNCAxMmwtMyAxaC00Yy02IDAtOS0xLTE1LTNhNjIgNjIgMCAwIDAtMzUtNmgtMWwtNCAxYTYzIDYzIDAgMCAwLTUwIDY4bDEgMmEyNyAyNyAwIDAgMCAwIDRsNiAxNWEzMyAzMyAwIDAgMSAyIDIxIDYyIDYyIDAgMCAxLTMgOCA2MSA2MSAwIDAgMS0xMyAyMGwtMyA0LTEgMWgxbDEtMmEyMDYgMjA2IDAgMCAxIDYtNWwyLTJhODggODggMCAwIDAgOC03bDEtMSAyLTIgMy0zYTY2MSA2NjEgMCAwIDEgMjYtMjRsNjItNjIgNC00IDMtMyAyLTMgOS05IDMtMyAyLTMgNi02IDExLTEzIDMtMyAxLTEtMSAxWk03OSAyNWM5IDEgMTcgNCAyMyA4IDQgMiA1IDQgNSA3bC0xIDMtMSAydjFsLTItMmE0MSA0MSAwIDAgMC0zNC0xMCA0MyA0MyAwIDAgMC0zMyAyNyA0OSA0OSAwIDAgMC0zIDIwIDMxIDMxIDAgMCAwIDEgNWwyIDRjMSA1IDQgOSA3IDEzbDIgMnYxbC01IDEtNC0xYy0yLTEtNS01LTctMTBsLTEtMmE2MSA2MSAwIDAgMS0zLTEzIDY2IDY2IDAgMCAxIDAtMTRjMS01IDMtMTEgNi0xNmE1MyA1MyAwIDAgMSA0MC0yNmg4Wm0yIDEzaDFsMTEgMyAxMCA4djRMNzkgNzhsLTI2IDI1Yy0yIDEtNCAxLTYtMWwtNS03YTQwIDQwIDAgMCAxLTUtMTljMC04IDMtMTYgOC0yM2w5LThhNDEgNDEgMCAwIDEgMTktOGw4IDFabTQ0IDEzLTMgNnY3YTIyMSAyMjEgMCAwIDEgMiAxNGwtMSAxMGE0NiA0NiAwIDAgMS01NyAzNWgtOWMtMyAwLTcgMi03IDNsNCAyYTU3IDU3IDAgMCAwIDMyIDVoM2wzLTFhNTUgNTUgMCAwIDAgMzQtODJsLTEgMVoiIGZpbGw9IiNmZmYiLz48cGF0aCBkPSJNMTEzIDU5Yy0xIDItMiA0LTEgNmwxIDNhMzggMzggMCAwIDEtNDggNDRoLTRsLTMgMmE0NCA0NCAwIDAgMCAxMCAzaDE1YTQyIDQyIDAgMCAwIDMxLTU4aC0xWiIgZmlsbD0iI2ZmZiIvPjwvc3ZnPg==\" /\u003e\n\u003c/a\u003e\n\u003c/br\u003e\u003c/br\u003e\n\n[Gno Playground](https://play.gno.land), available at \n[play.gno.land](https://play.gno.land), is a web app that allows users to \nwrite, share, and deploy Gno code. Developers can seamlessly test, debug, and \ndeploy realms and packages on gno.land, while being able to collaborate with \npeers to work on projects together and seek assistance. A key feature of Gno \nPlayground is the ability to get started without the need to install any tools \nor manage any services, offering immediate access and convenience for users.\n\n**Note:** The playground may not always reflect the latest changes in this \nrepository.\n\n## Repository Structure\n\n* [docs](./docs) - Official documentation\n* [examples](./examples) - Smart contract examples and guides\n* [gnovm](./gnovm) - GnoVM and the Gno language\n* [gno.land](./gno.land) - Blockchain node and tools\n* [tm2](./tm2) - Tendermint2 consensus engine\n* [contribs](./contribs) - Additional tools and utilities\n* [misc](./misc) - Various utilities and scripts\n\n## Community\n\n**Explore the Ecosystem:**\n- [Gnoverse](https://github.com/gnoverse) - Community projects and initiatives\n- [Awesome Gno](https://github.com/gnoverse/awesome-gno) - Curated list of \n  resources\n- [Gnoscan](https://gnoscan.io) - Blockchain explorer\n- [Gno Studio](https://gno.studio) - Web IDE for Gno development\n- [Become a Gnome](./docs/builders/become-a-gnome.md) - Join the contributor \n  community\n\n**Connect \u0026 Get Help:**\n- [Discord](https://discord.gg/YFtMjWwUN7) - Real-time support and development \n  discussions\n- [Twitter](https://twitter.com/_gnoland) - Official announcements and updates\n- [YouTube](https://www.youtube.com/@_gnoland) - Tutorials, workshops, and \n  development calls\n- [Workshops](https://github.com/gnolang/workshops) - Educational materials\n- [Reddit](https://www.reddit.com/r/gnoland) - Forum-style discussions\n- [Telegram](https://t.me/gnoland) - Community-run group\n\n**Contribute:**\n- [GitHub Issues](https://github.com/gnolang/gno/issues) - Report bugs and \n  request features\n- [Contributing Guide](./CONTRIBUTING.md) - Guidelines for contributors\n\n\n\u003cdetails\u003e\u003csummary\u003eCI/CD/Tools badges and links\u003c/summary\u003e\n\n  GitHub Actions:\n\n  * [![gno.land](https://github.com/gnolang/gno/actions/workflows/gnoland.yml/badge.svg)](https://github.com/gnolang/gno/actions/workflows/gnoland.yml)\n  * [![gnovm](https://github.com/gnolang/gno/actions/workflows/gnovm.yml/badge.svg)](https://github.com/gnolang/gno/actions/workflows/gnovm.yml)\n  * [![tm2](https://github.com/gnolang/gno/actions/workflows/tm2.yml/badge.svg)](https://github.com/gnolang/gno/actions/workflows/tm2.yml)\n  * [![examples](https://github.com/gnolang/gno/actions/workflows/examples.yml/badge.svg)](https://github.com/gnolang/gno/actions/workflows/examples.yml)\n  * [![docker](https://github.com/gnolang/gno/actions/workflows/docker.yml/badge.svg)](https://github.com/gnolang/gno/actions/workflows/docker.yml)\n\n  Codecov:\n\n  * General: [![codecov](https://codecov.io/gh/gnolang/gno/branch/master/graph/badge.svg?token=HPP82HR1P4)](https://codecov.io/gh/gnolang/gno)\n  * tm2: [![codecov](https://codecov.io/gh/gnolang/gno/branch/master/graph/badge.svg?token=HPP82HR1P4\u0026flag=tm2)](https://codecov.io/gh/gnolang/gno/tree/master/tm2)\n  * gnovm: [![codecov](https://codecov.io/gh/gnolang/gno/branch/master/graph/badge.svg?token=HPP82HR1P4\u0026flag=gnovm)](https://codecov.io/gh/gnolang/gno/tree/master/gnovm)\n  * gno.land: [![codecov](https://codecov.io/gh/gnolang/gno/branch/master/graph/badge.svg?token=HPP82HR1P4\u0026flag=gno.land)](https://codecov.io/gh/gnolang/gno/tree/master/gno.land)\n  * examples: TODO\n\n  Go Report Card:\n\n  * [![Go Report Card](https://goreportcard.com/badge/github.com/gnolang/gno)](https://goreportcard.com/report/github.com/gnolang/gno)\n  * tm2, gnovm, gno.land: TODO (blocked by tm2 split, because we need go mod workspaces)\n\n  Pkg.go.dev\n\n  * [![Go Reference](https://pkg.go.dev/badge/hey/google)](https://gnolang.github.io/gno/github.com/gnolang/gno.html) \\\n    (pkg.go.dev will not show our repository as it has a license it doesn't recognise)\n\u003c/details\u003e\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgnolang%2Fgno","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgnolang%2Fgno","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgnolang%2Fgno/lists"}