{"id":13461384,"url":"https://github.com/grafana/mimir","last_synced_at":"2026-04-20T14:05:21.953Z","repository":{"id":37043412,"uuid":"385634291","full_name":"grafana/mimir","owner":"grafana","description":"Grafana Mimir provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.","archived":false,"fork":false,"pushed_at":"2026-04-17T19:51:59.000Z","size":552098,"stargazers_count":5042,"open_issues_count":769,"forks_count":751,"subscribers_count":154,"default_branch":"main","last_synced_at":"2026-04-17T20:07:21.655Z","etag":null,"topics":["metrics","observability","opentelemetry","otlp","prometheus","tsdb"],"latest_commit_sha":null,"homepage":"https://grafana.com/oss/mimir/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/grafana.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":"GOVERNANCE.md","roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2021-07-13T14:34:08.000Z","updated_at":"2026-04-17T18:31:46.000Z","dependencies_parsed_at":"2023-12-18T20:29:15.857Z","dependency_job_id":"07e654dc-25dc-49f0-be05-8757a178a158","html_url":"https://github.com/grafana/mimir","commit_stats":{"total_commits":10098,"total_committers":513,"mean_commits":19.68421052631579,"dds":0.8389780154486037,"last_synced_commit":"d717218618cc82dd5a1d291bc3997663e8640c11"},"previous_names":[],"tags_count":454,"template":false,"template_full_name":null,"purl":"pkg:github/grafana/mimir","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grafana%2Fmimir","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grafana%2Fmimir/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grafana%2Fmimir/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grafana%2Fmimir/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/grafana","download_url":"https://codeload.github.com/grafana/mimir/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grafana%2Fmimir/sbom","scorecard":{"id":58603,"data":{"date":"2025-08-11","repo":{"name":"github.com/grafana/mimir","commit":"90d7ae76b9b81dfa663d362d07f45d1cb643dfb0"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7.2,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/deploy-pr-preview.yml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/deploy-pr-preview.yml:15","Info: jobLevel 'contents' permission set to 'read': .github/workflows/generate-docs-helm-tests-renovate-pr.yml:40","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/helm-release.yaml:17","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/helm-release.yaml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/helm-weekly-release-pr.yaml:15","Info: jobLevel 'contents' permission set to 'read': .github/workflows/helm-weekly-release-reviewer.yml:17","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-next.yml:17","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-next.yml:24","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-release-helm-charts.yml:19","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-release-helm-charts.yml:27","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-release-mimir.yml:26","Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-technical-documentation-release-mimir.yml:18","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/push-mimir-build-image.yml:19","Info: jobLevel 'contents' permission set to 'read': .github/workflows/test-build-deploy.yml:319","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-make-docs.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/backport.yaml:10","Warn: no topLevel permission defined: .github/workflows/changelog-check.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/compare-helm-with-jsonnet.yml:6","Warn: no topLevel permission defined: .github/workflows/deploy-pr-preview.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/flaky-tests.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-docs-helm-tests-renovate-pr.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/helm-ci.yml:6","Info: found token with 'none' permissions: .github/workflows/helm-release.yaml:1","Info: found token with 'none' permissions: .github/workflows/helm-weekly-release-pr.yaml:1","Info: found token with 'none' permissions: .github/workflows/helm-weekly-release-reviewer.yml:1","Info: found token with 'none' permissions: .github/workflows/publish-technical-documentation-next.yml:1","Info: found token with 'none' permissions: .github/workflows/publish-technical-documentation-release-helm-charts.yml:1","Info: found token with 'none' permissions: .github/workflows/publish-technical-documentation-release-mimir.yml:1","Warn: no topLevel permission defined: .github/workflows/push-mimir-build-image.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/stale.yaml:9","Info: found token with 'none' permissions: .github/workflows/stale.yaml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/test-build-deploy.yml:13","Warn: no topLevel permission defined: .github/workflows/test-docs.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/trigger-backend-enterprise-update.yml:9","Info: found token with 'none' permissions: .github/workflows/update-make-docs.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/update-vendored-mimir-prometheus.yml:21"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:53","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:137","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:194","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:389","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:451","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:548","Info: GoBuiltInFuzzer integration found: pkg/storage/indexheader/encoding/encoding_test.go:633"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact mimir-2.17.0-rc.2 not signed: https://api.github.com/repos/grafana/mimir/releases/239841484","Warn: release artifact mimir-2.17.0-rc.1 not signed: https://api.github.com/repos/grafana/mimir/releases/235741093","Warn: release artifact mimir-2.17.0-rc.0 not signed: https://api.github.com/repos/grafana/mimir/releases/232626143","Warn: release artifact mimir-2.16.1 not signed: https://api.github.com/repos/grafana/mimir/releases/227483565","Warn: release artifact mimir-2.15.3 not signed: https://api.github.com/repos/grafana/mimir/releases/223494224","Warn: release artifact mimir-2.17.0-rc.2 does not have provenance: https://api.github.com/repos/grafana/mimir/releases/239841484","Warn: release artifact mimir-2.17.0-rc.1 does not have provenance: https://api.github.com/repos/grafana/mimir/releases/235741093","Warn: release artifact mimir-2.17.0-rc.0 does not have provenance: https://api.github.com/repos/grafana/mimir/releases/232626143","Warn: release artifact mimir-2.16.1 does not have provenance: https://api.github.com/repos/grafana/mimir/releases/227483565","Warn: release artifact mimir-2.15.3 does not have provenance: https://api.github.com/repos/grafana/mimir/releases/223494224"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/backport.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/backport.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog-check.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/changelog-check.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compare-helm-with-jsonnet.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/compare-helm-with-jsonnet.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compare-helm-with-jsonnet.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/compare-helm-with-jsonnet.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compare-helm-with-jsonnet.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/compare-helm-with-jsonnet.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compare-helm-with-jsonnet.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/compare-helm-with-jsonnet.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-pr-preview.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/deploy-pr-preview.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flaky-tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/flaky-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flaky-tests.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/flaky-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-docs-helm-tests-renovate-pr.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/generate-docs-helm-tests-renovate-pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-docs-helm-tests-renovate-pr.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/generate-docs-helm-tests-renovate-pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-docs-helm-tests-renovate-pr.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/generate-docs-helm-tests-renovate-pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-docs-helm-tests-renovate-pr.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/generate-docs-helm-tests-renovate-pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-ci.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-ci.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-release.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-release.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-weekly-release-pr.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-weekly-release-pr.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-weekly-release-pr.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-weekly-release-pr.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-weekly-release-reviewer.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-weekly-release-reviewer.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-weekly-release-reviewer.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/helm-weekly-release-reviewer.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-next.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/publish-technical-documentation-next.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-release-helm-charts.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/publish-technical-documentation-release-helm-charts.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-release-mimir.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/publish-technical-documentation-release-mimir.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-mimir-build-image.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/push-mimir-build-image.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-mimir-build-image.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/push-mimir-build-image.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/stale.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-build-deploy.yml:335: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-build-deploy.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-docs.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-docs.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/test-docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-vendored-mimir-prometheus.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/update-vendored-mimir-prometheus.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-vendored-mimir-prometheus.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/update-vendored-mimir-prometheus.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-vendored-mimir-prometheus.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/mimir/update-vendored-mimir-prometheus.yml/main?enable=pin","Warn: containerImage not pinned by hash: cmd/metaconvert/Dockerfile:6: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: cmd/mimir/Dockerfile:7","Warn: containerImage not pinned by hash: cmd/mimir/Dockerfile:10","Warn: containerImage not pinned by hash: cmd/mimir/Dockerfile.continuous-test:3: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: cmd/mimirtool/Dockerfile:3: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: cmd/query-tee/Dockerfile:6: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: development/mimir-ingest-storage/dev.dockerfile:2","Warn: containerImage not pinned by hash: development/mimir-ingest-storage/dev.dockerfile:6: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: development/mimir-microservices-mode/dev.dockerfile:2","Warn: containerImage not pinned by hash: development/mimir-microservices-mode/dev.dockerfile:6: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: development/mimir-monolithic-mode-with-swift-storage/dev.dockerfile:1: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: development/mimir-monolithic-mode/dev.dockerfile:1: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: development/mimir-read-write-mode/dev.dockerfile:2","Warn: containerImage not pinned by hash: development/mimir-read-write-mode/dev.dockerfile:6: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: mimir-build-image/Dockerfile:6","Warn: containerImage not pinned by hash: mimir-build-image/Dockerfile:7","Warn: containerImage not pinned by hash: mimir-build-image/Dockerfile:8: pin your Docker image by updating golang:1.24.6-bookworm to golang:1.24.6-bookworm@sha256:e617461712dbebf8768e10c1a5deab2833d67d2b692894cb8f4f0a3c19a8efb5","Warn: containerImage not pinned by hash: operations/mimir-mixin-tools/screenshots/Dockerfile:2","Warn: containerImage not pinned by hash: operations/mimir-mixin-tools/screenshots/Dockerfile:10: pin your Docker image by updating debian:bullseye-slim to debian:bullseye-slim@sha256:849d9d34d5fe0bf88b5fb3d09eb9684909ac4210488b52f4f7bbe683eedcb851","Warn: containerImage not pinned by hash: operations/mimir-rules-action/Dockerfile:3: pin your Docker image by updating grafana/mimirtool:2.16.1 to grafana/mimirtool:2.16.1@sha256:e438ed515b88a8616b172c122d5898cf93ca802a6d516c6ff35980f408f76be2","Warn: containerImage not pinned by hash: packaging/deb/debian-systemd/Dockerfile:6: pin your Docker image by updating debian:12 to debian:12@sha256:731dd1380d6a8d170a695dbeb17fe0eade0e1c29f654cf0a3a07f372191c3f4b","Warn: containerImage not pinned by hash: packaging/rpm/centos-systemd/Dockerfile:6: pin your Docker image by updating centos:8 to centos:8@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177","Warn: containerImage not pinned by hash: tools/copyblocks/Dockerfile:3: pin your Docker image by updating alpine:3.22.1 to alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: downloadThenRun not pinned by hash: mimir-build-image/Dockerfile:19","Warn: npmCommand not pinned by hash: mimir-build-image/Dockerfile:22","Warn: downloadThenRun not pinned by hash: mimir-build-image/Dockerfile:42","Warn: goCommand not pinned by hash: mimir-build-image/Dockerfile:49-65","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.golint.sh:5","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.install.sh:5","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.install.sh:6","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.install.sh:7","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.install.sh:8","Warn: goCommand not pinned by hash: vendor/github.com/google/gopacket/.travis.install.sh:9","Warn: goCommand not pinned by hash: vendor/github.com/json-iterator/go/build.sh:10","Warn: npmCommand not pinned by hash: .github/workflows/backport.yaml:36","Info:   2 out of  47 GitHub-owned GitHubAction dependencies pinned","Info:  32 out of  36 third-party GitHubAction dependencies pinned","Info:   0 out of  23 containerImage dependencies pinned","Info:  21 out of  29 goCommand dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-15T01:14:13.946Z","repository_id":37043412,"created_at":"2025-08-15T01:14:13.946Z","updated_at":"2025-08-15T01:14:13.946Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32050454,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-20T11:35:06.609Z","status":"ssl_error","status_checked_at":"2026-04-20T11:34:48.899Z","response_time":94,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["metrics","observability","opentelemetry","otlp","prometheus","tsdb"],"created_at":"2024-07-31T11:00:37.230Z","updated_at":"2026-04-20T14:05:21.922Z","avatar_url":"https://github.com/grafana.png","language":"Go","funding_links":[],"categories":["Go","others","Distributed Tracing Solutions","其他_大数据","Observability"],"sub_categories":["Open Source Tools","资源传输下载","Metrics Collection \u0026 Time-Series Storage"],"readme":"# Grafana Mimir\n\n\u003cp align=\"center\"\u003e\u003cimg src=\"images/logo.png\" alt=\"Grafana Mimir logo\" width=\"400\"\u003e\u003c/p\u003e\n\nGrafana Mimir is an open source software project that provides a scalable long-term storage for [Prometheus](https://prometheus.io). Some of the core strengths of Grafana Mimir include:\n\n- **Easy to install and maintain:** Grafana Mimir’s extensive documentation, tutorials, and deployment tooling make it quick to get started. Using its monolithic mode, you can get Grafana Mimir up and running with just one binary and no additional dependencies. Once deployed, the best-practice dashboards, alerts, and runbooks packaged with Grafana Mimir make it easy to monitor the health of the system.\n- **Massive scalability:** You can run Grafana Mimir's horizontally-scalable architecture across multiple machines, resulting in the ability to process orders of magnitude more time series than a single Prometheus instance. Internal testing shows that Grafana Mimir handles up to 1 billion active time series.\n- **Global view of metrics:** Grafana Mimir enables you to run queries that aggregate series from multiple Prometheus instances, giving you a global view of your systems. Its query engine extensively parallelizes query execution, so that even the highest-cardinality queries complete with blazing speed.\n- **Cheap, durable metric storage:** Grafana Mimir uses object storage for long-term data storage, allowing it to take advantage of this ubiquitous, cost-effective, high-durability technology. It is compatible with multiple object store implementations, including AWS S3, Google Cloud Storage, Azure Blob Storage, OpenStack Swift, as well as any S3-compatible object storage.\n- **High availability:** Grafana Mimir replicates incoming metrics, ensuring that no data is lost in the event of machine failure. Its horizontally scalable architecture also means that it can be restarted, upgraded, or downgraded with zero downtime, which means no interruptions to metrics ingestion or querying.\n- **Natively multi-tenant:** Grafana Mimir’s multi-tenant architecture enables you to isolate data and queries from independent teams or business units, making it possible for these groups to share the same cluster. Advanced limits and quality-of-service controls ensure that capacity is shared fairly among tenants.\n\n## Migrating to Grafana Mimir\n\nIf you're migrating to Grafana Mimir, refer to the following documents:\n\n- [Migrating from Thanos or Prometheus to Grafana Mimir](https://grafana.com/docs/mimir/latest/set-up/migrate/migrate-from-thanos-or-prometheus/).\n- [Migrating from Cortex to Grafana Mimir](https://grafana.com/docs/mimir/latest/set-up/migrate/migrate-from-cortex/)\n\n## Deploying Grafana Mimir\n\nFor information about how to deploy Grafana Mimir, refer to [Deploy Grafana Mimir](https://grafana.com/docs/mimir/latest/operators-guide/deploy-grafana-mimir/).\n\n## Getting started\n\nIf you’re new to Grafana Mimir, read the [Get started guide](https://grafana.com/docs/mimir/latest/get-started/).\n\nBefore deploying Grafana Mimir in a production environment, read:\n\n1. [An overview of Grafana Mimir’s architecture](https://grafana.com/docs/mimir/latest/operators-guide/architecture/)\n1. [Configure Grafana Mimir](https://grafana.com/docs/mimir/latest/operators-guide/configure/)\n1. [Run Grafana Mimir in production](https://grafana.com/docs/mimir/latest/operators-guide/run-production-environment/)\n\n## Documentation\n\nRefer to the following links to access Grafana Mimir documentation:\n\n- [Latest release](https://grafana.com/docs/mimir/latest/)\n- [Upcoming release](https://grafana.com/docs/mimir/next/), at the tip of the `main` branch\n\n## Contributing\n\nTo contribute to Grafana Mimir, refer to [Contributing to Grafana Mimir](https://github.com/grafana/mimir/tree/main/docs/internal/contributing).\n\n## Join the Grafana Mimir discussion\n\nIf you have any questions or feedback regarding Grafana Mimir, join the [Grafana Mimir Discussion](https://github.com/grafana/mimir/discussions). Alternatively, consider joining the monthly [Grafana Mimir Community Call](https://docs.google.com/document/d/1E4jJcGicvLTyMEY6cUFFZUg_I8ytrBuW8r5yt1LyMv4).\n\nYour feedback is always welcome, and you can also share it via the [`#mimir` Slack channel](https://slack.grafana.com/).\n\n## License\n\nGrafana Mimir is distributed under [AGPL-3.0-only](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrafana%2Fmimir","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgrafana%2Fmimir","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrafana%2Fmimir/lists"}