{"id":13625116,"url":"https://github.com/golemfactory/yagna","last_synced_at":"2026-06-09T01:05:47.756Z","repository":{"id":37450906,"uuid":"221940074","full_name":"golemfactory/yagna","owner":"golemfactory","description":"An open platform and marketplace for distributed computations","archived":false,"fork":false,"pushed_at":"2026-05-16T23:36:46.000Z","size":21139,"stargazers_count":473,"open_issues_count":280,"forks_count":86,"subscribers_count":26,"default_branch":"master","last_synced_at":"2026-05-17T03:04:26.590Z","etag":null,"topics":["golem"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/golemfactory.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-11-15T14:28:03.000Z","updated_at":"2026-05-05T14:07:50.000Z","dependencies_parsed_at":"2026-02-22T02:03:40.318Z","dependency_job_id":null,"html_url":"https://github.com/golemfactory/yagna","commit_stats":{"total_commits":4193,"total_committers":47,"mean_commits":89.2127659574468,"dds":0.7898879084187932,"last_synced_commit":"3d584097a0b2759d0184d9e89ea0756db1779bbb"},"previous_names":[],"tags_count":603,"template":false,"template_full_name":null,"purl":"pkg:github/golemfactory/yagna","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/golemfactory%2Fyagna","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/golemfactory%2Fyagna/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/golemfactory%2Fyagna/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/golemfactory%2Fyagna/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/golemfactory","download_url":"https://codeload.github.com/golemfactory/yagna/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/golemfactory%2Fyagna/sbom","scorecard":{"id":434742,"data":{"date":"2025-08-11","repo":{"name":"github.com/golemfactory/yagna","commit":"6080895dfd5846346d787dfb78d8af6a67c4de12"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.2,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":6,"reason":"Found 7/11 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":1,"reason":"1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/add-to-core-team-project.yml:1","Warn: no topLevel permission defined: .github/workflows/binaries-aarch64.yml:1","Warn: no topLevel permission defined: .github/workflows/fast-ci.yml:1","Warn: no topLevel permission defined: .github/workflows/fast-win-build.yml:1","Warn: no topLevel permission defined: .github/workflows/fmt-clippy.yml:1","Warn: no topLevel permission defined: .github/workflows/integration-test-nightly.yml:1","Warn: no topLevel permission defined: .github/workflows/integration-test.yml:1","Warn: no topLevel permission defined: .github/workflows/market-test-suite.yml:1","Warn: no topLevel permission defined: .github/workflows/payment-test.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:26","Warn: topLevel 'packages' permission set to 'write': .github/workflows/release.yml:25","Warn: no topLevel permission defined: .github/workflows/system-test.yml:1","Warn: no topLevel permission defined: .github/workflows/unit-test-sgx.yml:1","Warn: no topLevel permission defined: .github/workflows/unit-test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact pre-rel-v0.17.1-preview.golembase.32 not signed: https://api.github.com/repos/golemfactory/yagna/releases/238548253","Warn: release artifact pre-rel-v0.17.1-preview.golembase.31 not signed: https://api.github.com/repos/golemfactory/yagna/releases/236556347","Warn: release artifact pre-rel-v0.17.1-preview.golembase.30 not signed: https://api.github.com/repos/golemfactory/yagna/releases/236280578","Warn: release artifact pre-rel-v0.17.1-preview.golembase.29 not signed: https://api.github.com/repos/golemfactory/yagna/releases/235130437","Warn: release artifact pre-rel-v0.17.1-preview.golembase.28 not signed: https://api.github.com/repos/golemfactory/yagna/releases/233883510","Warn: release artifact pre-rel-v0.17.1-preview.golembase.32 does not have provenance: https://api.github.com/repos/golemfactory/yagna/releases/238548253","Warn: release artifact pre-rel-v0.17.1-preview.golembase.31 does not have provenance: https://api.github.com/repos/golemfactory/yagna/releases/236556347","Warn: release artifact pre-rel-v0.17.1-preview.golembase.30 does not have provenance: https://api.github.com/repos/golemfactory/yagna/releases/236280578","Warn: release artifact pre-rel-v0.17.1-preview.golembase.29 does not have provenance: https://api.github.com/repos/golemfactory/yagna/releases/235130437","Warn: release artifact pre-rel-v0.17.1-preview.golembase.28 does not have provenance: https://api.github.com/repos/golemfactory/yagna/releases/233883510"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/add-to-core-team-project.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/add-to-core-team-project.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/binaries-aarch64.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/binaries-aarch64.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/binaries-aarch64.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/binaries-aarch64.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/binaries-aarch64.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/binaries-aarch64.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/binaries-aarch64.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/binaries-aarch64.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-ci.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fast-win-build.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-win-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-win-build.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-win-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fast-win-build.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-win-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fast-win-build.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fast-win-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fmt-clippy.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/fmt-clippy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test-nightly.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test-nightly.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test-nightly.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test-nightly.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration-test-nightly.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test-nightly.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test-nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration-test.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration-test.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/integration-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/market-test-suite.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/market-test-suite.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/market-test-suite.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/market-test-suite.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/market-test-suite.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/market-test-suite.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/market-test-suite.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/market-test-suite.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/market-test-suite.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/market-test-suite.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/payment-test.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/payment-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/payment-test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/payment-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/payment-test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/payment-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/payment-test.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/payment-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:339: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:353: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:356: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:364: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:378: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:396: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-test.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-test.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-test.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-test.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-test.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/system-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test-sgx.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test-sgx.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test-sgx.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test-sgx.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/golemfactory/yagna/unit-test.yml/master?enable=pin","Warn: containerImage not pinned by hash: goth_tests/assets/docker/outbound-test.Dockerfile:1: pin your Docker image by updating ghcr.io/golemfactory/goth/yagna-outbound-base:1.0.0 to ghcr.io/golemfactory/goth/yagna-outbound-base:1.0.0@sha256:2ba8b8fdc251ad7e1293ebc5a988d1e591e4852323f882504e7cc88913382cab","Warn: containerImage not pinned by hash: goth_tests/assets/docker/proxy-nginx.Dockerfile:1: pin your Docker image by updating ghcr.io/golemfactory/goth/nginx:1.19 to ghcr.io/golemfactory/goth/nginx:1.19@sha256:eba373a0620f68ffdc3f217041ad25ef084475b8feb35b992574cd83698e9e3c","Warn: containerImage not pinned by hash: goth_tests/assets/docker/yagna-goth-deb.Dockerfile:1: pin your Docker image by updating ghcr.io/golemfactory/goth/yagna-goth-base:1.0.0 to ghcr.io/golemfactory/goth/yagna-goth-base:1.0.0@sha256:919c1c049e833755a766ca3997c5f3311f7f6a2fe207243bfda44350b441b1e3","Warn: containerImage not pinned by hash: goth_tests/assets/docker/yagna-goth.Dockerfile:1: pin your Docker image by updating ghcr.io/golemfactory/goth/yagna-goth-base:1.0.0 to ghcr.io/golemfactory/goth/yagna-goth-base:1.0.0@sha256:919c1c049e833755a766ca3997c5f3311f7f6a2fe207243bfda44350b441b1e3","Warn: containerImage not pinned by hash: goth_tests/e2e/vm/assets/test_e2e_outbound_perf/image/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: npmCommand not pinned by hash: .github/workflows/fast-win-build.yml:57","Warn: downloadThenRun not pinned by hash: .github/workflows/integration-test-nightly.yml:64","Warn: downloadThenRun not pinned by hash: .github/workflows/integration-test.yml:121","Warn: downloadThenRun not pinned by hash: .github/workflows/integration-test.yml:191","Info:   0 out of  41 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  47 third-party GitHubAction dependencies pinned","Info:   0 out of   5 containerImage dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned","Info:   0 out of   3 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"66 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: RUSTSEC-2021-0061","Warn: Project is vulnerable to: RUSTSEC-2021-0060","Warn: Project is vulnerable to: RUSTSEC-2021-0059","Warn: Project is vulnerable to: RUSTSEC-2021-0139","Warn: Project is vulnerable to: RUSTSEC-2023-0089","Warn: Project is vulnerable to: RUSTSEC-2021-0145 / GHSA-g98v-hv3f-hcfr","Warn: Project is vulnerable to: RUSTSEC-2024-0375","Warn: Project is vulnerable to: RUSTSEC-2025-0012","Warn: Project is vulnerable to: RUSTSEC-2023-0004 / GHSA-96jv-r488-c2rj","Warn: Project is vulnerable to: GHSA-pg9f-39pc-qf8g","Warn: Project is vulnerable to: RUSTSEC-2025-0024","Warn: Project is vulnerable to: RUSTSEC-2022-0041 / GHSA-qc84-gqf4-9926","Warn: Project is vulnerable to: GHSA-x4gp-pqpj-f43q","Warn: Project is vulnerable to: RUSTSEC-2024-0344","Warn: Project is vulnerable to: RUSTSEC-2024-0388","Warn: Project is vulnerable to: GHSA-wq9x-qwcq-mmgf","Warn: Project is vulnerable to: RUSTSEC-2024-0365","Warn: Project is vulnerable to: RUSTSEC-2021-0141","Warn: Project is vulnerable to: RUSTSEC-2022-0093 / GHSA-w5vr-6qhr-36cc","Warn: Project is vulnerable to: GHSA-37wc-h8xc-5hc4","Warn: Project is vulnerable to: GHSA-v7pc-74h8-xq2h","Warn: Project is vulnerable to: RUSTSEC-2025-0006","Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq","Warn: Project is vulnerable to: RUSTSEC-2024-0384","Warn: Project is vulnerable to: RUSTSEC-2020-0070 / GHSA-5wg8-7c9q-794v / GHSA-gmv4-vmx3-x9f3 / GHSA-hj9h-wrgg-hgmx / GHSA-ppj3-7jw3-8vc4 / GHSA-vh4p-6j7g-f4j9","Warn: Project is vulnerable to: RUSTSEC-2023-0045 / GHSA-wfg4-322g-9vqv","Warn: Project is vulnerable to: RUSTSEC-2021-0113 / GHSA-3hxh-7jxm-59x4 / GHSA-cwvc-87xq-pc5m","Warn: Project is vulnerable to: RUSTSEC-2020-0016","Warn: Project is vulnerable to: RUSTSEC-2021-0119 / GHSA-76w9-p8mg-j927 / GHSA-wgrg-5h56-jg27","Warn: Project is vulnerable to: RUSTSEC-2025-0004 / GHSA-rpmj-rpgj-qmpm","Warn: Project is vulnerable to: GHSA-4fcv-w3qc-ppgg","Warn: Project is vulnerable to: RUSTSEC-2025-0022","Warn: Project is vulnerable to: RUSTSEC-2024-0436","Warn: Project is vulnerable to: RUSTSEC-2024-0370","Warn: Project is vulnerable to: RUSTSEC-2023-0018 / GHSA-mc8h-8q98-g5hr","Warn: Project is vulnerable to: RUSTSEC-2025-0010","Warn: Project is vulnerable to: GHSA-4p46-pwfr-66x6","Warn: Project is vulnerable to: RUSTSEC-2025-0009","Warn: Project is vulnerable to: GHSA-c86p-w88r-qvqr","Warn: Project is vulnerable to: RUSTSEC-2023-0071 / GHSA-4grx-2x9w-596c / GHSA-c38w-74pg-36hr","Warn: Project is vulnerable to: RUSTSEC-2024-0336","Warn: Project is vulnerable to: RUSTSEC-2022-0070 / GHSA-969w-q74q-9j8v","Warn: Project is vulnerable to: RUSTSEC-2024-0006 / GHSA-r7qv-8r2h-pg27","Warn: Project is vulnerable to: GHSA-xmrp-424f-vfpx","Warn: Project is vulnerable to: RUSTSEC-2024-0363","Warn: Project is vulnerable to: RUSTSEC-2018-0017","Warn: Project is vulnerable to: RUSTSEC-2020-0071 / GHSA-wcg3-cvx6-7396","Warn: Project is vulnerable to: GHSA-rr8g-9fpq-6wmg","Warn: Project is vulnerable to: RUSTSEC-2025-0023","Warn: Project is vulnerable to: RUSTSEC-2025-0017","Warn: Project is vulnerable to: RUSTSEC-2024-0320","Warn: Project is vulnerable to: GHSA-2rxc-gjrp-vjhx","Warn: Project is vulnerable to: RUSTSEC-2024-0404","Warn: Project is vulnerable to: RUSTSEC-2024-0332 / GHSA-q6cp-qfwq-4gcv","Warn: Project is vulnerable to: RUSTSEC-2024-0019 / GHSA-r8w9-5wcg-vfj7","Warn: Project is vulnerable to: RUSTSEC-2023-0072 / GHSA-xphf-cx8h-7q9g","Warn: Project is vulnerable to: GHSA-q445-7m23-qrmw","Warn: Project is vulnerable to: RUSTSEC-2024-0357","Warn: Project is vulnerable to: GHSA-c827-hfw6-qwvm","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6","Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T04:19:18.787Z","repository_id":37450906,"created_at":"2025-08-19T04:19:18.787Z","updated_at":"2025-08-19T04:19:18.787Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33323383,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-21T12:23:38.849Z","status":"ssl_error","status_checked_at":"2026-05-21T12:22:11.673Z","response_time":62,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golem"],"created_at":"2024-08-01T21:01:51.070Z","updated_at":"2026-05-22T01:26:29.691Z","avatar_url":"https://github.com/golemfactory.png","language":"Rust","funding_links":[],"categories":["Rust","Golem","Others"],"sub_categories":[],"readme":"## Golem\n\nOfficial Rust implementation of Golem. Golem is a network of nodes that implement the Golem Network protocol. We provide the default implementation of such a node in the form of the Golem daemon, Yagna.\n\n\u003ch5 align=\"center\"\u003e\n  \u003ca href='https://golem.network/'\u003e\u003cimg\n      width='500px'\n      alt=''\n      src=\"https://user-images.githubusercontent.com/35585644/111472751-939f5100-872a-11eb-8c26-926117080e35.png\" /\u003e\u003c/a\u003e\n  \u003cbr/\u003eA flexible, open-source platform for democratised access to digital resources.\n\u003c/a\u003e\n\u003c/h5\u003e\n\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/golemfactory/yagna/actions\" alt=\"Unit Test\"\u003e\n        \u003cimg src=\"https://github.com/golemfactory/yagna/actions/workflows/unit-test.yml/badge.svg\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/golemfactory/yagna/watchers\" alt=\"Watch on GitHub\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/watchers/golemfactory/yagna.svg?style=social\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/golemfactory/yagna/stargazers\" alt=\"Star on GitHub\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/stars/golemfactory/yagna.svg?style=social\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://discord.com/invite/golem\" alt=\"Discord\"\u003e\n        \u003cimg src=\"https://img.shields.io/discord/684703559954333727?logo=discord\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://twitter.com/golemproject\" alt=\"Twitter\"\u003e\n        \u003cimg src=\"https://img.shields.io/twitter/follow/golemproject?style=social\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://reddit.com/r/GolemProject\" alt=\"Reddit\"\u003e\n        \u003cimg src=\"https://img.shields.io/reddit/subreddit-subscribers/GolemProject?style=social\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\nGolem Network has officially gone on Ethereum Mainnet with the [Beta I release](https://blog.golemproject.net/mainnet-release-beta-i/) in March 2021.\n\nGolem democratizes society’s access to computing power by creating a decentralized platform where anyone can build a variety of applications, request computational resources and/or offer their idle systems in exchange for cryptocurrency tokens (GLM). The actors in this decentralized network can assume one of the three non-exclusive roles:\n\n* **Requestor**\nHas a need to use IT resources such as computation hardware. Those resources are purchased in the decentralized market. The actual usage of the resources is backed by Golem's decentralized infrastructure.\n\n* **Provider**\nHas IT resources available that can be shared with other actors in the network. Those resources are sold in the decentralized market.\n\n* **Developer**\nBuilds applications to run for requestors on the network. Golem's potential goes much beyond a singular application. See [Awesome Golem](https://github.com/golemfactory/awesome-golem/blob/main/README.md#%EF%B8%8F-apps) for just a taste of the various types of applications that can be built and run on Golem!\n\n## Documentation\nFor a more in-depth look at how Golem works, head over to our [documentation.](https://docs.golem.network/)\n\n## Project Layout\n\n* [agent/provider](agent/provider) - provider agent implementation based on core services.\n* [core](core) - core services for the open computation marketplace.\n* [exe-unit](exe-unit) -  ExeUnit Supervisor - a common part of all [runtimes](#runtimes) for yagna.\n* [test-utils](test-utils) - some helpers for testing purposes\n* [utils](utils) - trash bin for all other stuff ;)\n* [docs](docs) - project documentation including analysis and specifications.\n\n## Public API\nThe public API rust binding with data model is in the \n[ya-client](https://github.com/golemfactory/ya-client) repo.\n\n## High Level APIs\nThe public high-level API for Python is in \n[yapapi](https://github.com/golemfactory/yapapi) repo and the JS/TS port is contained in the [@golem-sdk/golem-js](https://github.com/golemfactory/golem-js) repo.\n\n## Runtimes\nWe call our runtime **ExeUnit**. As for now we support\n * [Light VM](https://github.com/golemfactory/ya-runtime-vm) - [QEMU](https://www.qemu.org/)\\-based ExeUnit.\n * and WASM in two flavours:\n   * [wasmtime](https://github.com/golemfactory/ya-runtime-wasi) - [Wasmtime](https://github.com/bytecodealliance/wasmtime)\\-based ExeUnit.\n   * [emscripten](https://github.com/golemfactory/ya-runtime-emscripten) - [SpiderMonkey](https://github.com/servo/rust-mozjs)\\-based ExeUnit.\n\nOther ExeUnit types are to come (see below).\n\n## Golem Beta Release(s)\nImportant milestones for Golem development were [Beta I](https://github.com/golemfactory/yagna/releases/tag/v0.6.1) and most recent [Beta II](https://github.com/golemfactory/yagna/releases/tag/v0.7.0). With those releases we have delivered:\n* MVP (minimum viable product), though not feature rich yet, it is usable for early adopters\n* Clean and easy experience for new and existing users.\n* Support for GLM payments (both L1 \u0026 L2 on Ethereum Mainnet)\n* **Production-ready** and **easy to maintain** code base.\n* **Modular architecture** with all the building blocks being replaceable.\n* Small binaries (under 30Mb).\n* [Documentation and SDK](https://docs.golem.network/) for Golem app developers.\n\n## List of implemented and planned functionality \n\n1. Distributed computations\n    * [x] **Batching**\n    * [x] Services _(PoC stage)_\n1. Computational environment (aka ExeUnit)\n   * [x] **Wasm computation**\n   * [x] Light vm-s\n   * [ ] Docker on Linux _(optional)_\n   * [x] SGX on Graphene _(PoC stage)_\n1. Payment platform\n    * [x] **Payments with GLM**\n    * [x] [**ERC20 token**](https://blog.golemproject.net/gnt-to-glm-migration/)\n    * [x] **Layer 1 \u0026 [Layer 2](https://blog.golemproject.net/new-golem-alpha-iii-reveal/) transactions**\n    * [ ] Payment matching _(optional)_ (Ability for the invoice issuer to match the payment with Debit Note(s)/Invoice(s)).\n1. Transaction system\n    * [x] **Pay as you go(lem)** ([see more](https://blog.golemproject.net/pay-as-you-use-golem-a-brief-but-effective-primer/))\n    * [x] **Pay per task**\n    * [ ] Pay for dev _(optional)_\n1. Network\n    * [ ] **P2P** (Hybrid P2P; in progress) \n    * [ ] **Ability to work behind NAT** (Relays; in progress)\n1. Verification\n    * [ ] **Verification by redundancy** ([see also](https://blog.golemproject.net/gwasm-verification/))\n    * [x] **No verification**\n    * [ ] Verification by humans _(optional)_\n\n## Road ahead\n\nWe are actively working on improving Yagna and extending its functionality, check upcoming releases and other news on [our blog](https://blog.golem.network/).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgolemfactory%2Fyagna","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgolemfactory%2Fyagna","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgolemfactory%2Fyagna/lists"}