{"id":13511187,"url":"https://github.com/graphprotocol/graph-node","last_synced_at":"2026-04-02T19:05:36.396Z","repository":{"id":37479811,"uuid":"130174051","full_name":"graphprotocol/graph-node","owner":"graphprotocol","description":"Graph Node indexes data from blockchains such as Ethereum and serves it over GraphQL","archived":false,"fork":false,"pushed_at":"2026-03-26T01:11:46.000Z","size":338529,"stargazers_count":3122,"open_issues_count":295,"forks_count":1059,"subscribers_count":87,"default_branch":"master","last_synced_at":"2026-03-26T11:55:41.826Z","etag":null,"topics":["blockchain","developer-tools","ethereum","graphql","graphql-api","graphql-server","ipfs","protocol"],"latest_commit_sha":null,"homepage":"https://thegraph.com","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/graphprotocol.png","metadata":{"files":{"readme":"README.md","changelog":"NEWS.md","contributing":"CONTRIBUTING.md","funding":"FUNDING.json","license":"LICENSE-APACHE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{}},"created_at":"2018-04-19T07:13:50.000Z","updated_at":"2026-03-25T23:28:11.000Z","dependencies_parsed_at":"2026-01-27T17:06:10.927Z","dependency_job_id":null,"html_url":"https://github.com/graphprotocol/graph-node","commit_stats":{"total_commits":7130,"total_committers":141,"mean_commits":50.56737588652482,"dds":0.6840112201963534,"last_synced_commit":"90e949df86c64bfcb713a255872a097152a6e6a3"},"previous_names":[],"tags_count":247,"template":false,"template_full_name":null,"purl":"pkg:github/graphprotocol/graph-node","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/graphprotocol%2Fgraph-node","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/graphprotocol%2Fgraph-node/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/graphprotocol%2Fgraph-node/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/graphprotocol%2Fgraph-node/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/graphprotocol","download_url":"https://codeload.github.com/graphprotocol/graph-node/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/graphprotocol%2Fgraph-node/sbom","scorecard":{"id":443824,"data":{"date":"2025-08-11","repo":{"name":"github.com/graphprotocol/graph-node","commit":"dc0068a117e078f2984c8a34cfe8da64f31a57ac"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/audit.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/code-coverage.yml:1","Warn: no topLevel permission defined: .github/workflows/gnd-binary-build.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/stale.yml:4","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":0,"reason":"binaries present in source code","details":["Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/abi_classes.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/abi_store_value.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/abi_token.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/abort.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/big_int_arithmetic.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/big_int_to_hex.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/big_int_to_string.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/bytes_to_base58.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/contract_calls.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/crypto.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/data_source_create.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/ens_name_by_hash.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/ipfs_cat.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/ipfs_map.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/json_parsing.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/non_terminating.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/store.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/string_to_number.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/test_padding.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_4/yaml_parsing.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/abi_classes.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/abi_store_value.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/abi_token.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/abort.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/allocate_global.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/array_blowup.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/big_int_arithmetic.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/big_int_size_limit.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/big_int_to_hex.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/big_int_to_string.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/boolean.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/bytes_to_base58.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/contract_calls.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/crypto.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/data_source_create.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/ens_name_by_hash.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/ipfs_block.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/ipfs_cat.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/ipfs_map.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/json_parsing.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/non_terminating.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/null_ptr_read.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/recursion_limit.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/store.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/string_to_number.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/test_padding.wasm:1","Warn: binary detected: runtime/test/wasm_test/api_version_0_0_5/yaml_parsing.wasm:1","Warn: binary detected: store/test-store/tests/chain/ethereum/ipfs-on-ethereum-contracts.wasm:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE-APACHE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE-APACHE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/audit.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-coverage.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/code-coverage.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gnd-binary-build.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/gnd-binary-build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/graphprotocol/graph-node/stale.yml/master?enable=pin","Warn: containerImage not pinned by hash: docker/Dockerfile:7","Warn: containerImage not pinned by hash: docker/Dockerfile:16","Warn: containerImage not pinned by hash: docker/Dockerfile:47","Warn: containerImage not pinned by hash: docker/Dockerfile:55","Warn: downloadThenRun not pinned by hash: .github/workflows/ci.yml:168","Warn: chocoCommand not pinned by hash: .github/workflows/gnd-binary-build.yml:59","Info:   0 out of  18 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  21 third-party GitHubAction dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned","Info:   0 out of   1 chocoCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Warn: 'allow deletion' enabled on branch 'release-candidate-0.39.1'","Warn: 'allow deletion' enabled on branch 'release-candidate-0.39.0'","Warn: 'allow deletion' enabled on branch 'v0.38.0-rc'","Warn: 'allow deletion' enabled on branch 'eva/remove-runner-clones'","Info: 'force pushes' disabled on branch 'master'","Warn: 'force pushes' enabled on branch 'release-candidate-0.39.1'","Warn: 'force pushes' enabled on branch 'release-candidate-0.39.0'","Warn: 'force pushes' enabled on branch 'v0.38.0-rc'","Warn: 'force pushes' enabled on branch 'eva/remove-runner-clones'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'master'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'release-candidate-0.39.1'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'release-candidate-0.39.0'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'v0.38.0-rc'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'eva/remove-runner-clones'","Warn: required approving review count is 1 on branch 'master'","Warn: codeowners review is not required on branch 'master'","Warn: could not determine whether codeowners review is allowed","Warn: could not determine whether codeowners review is allowed","Warn: could not determine whether codeowners review is allowed","Warn: could not determine whether codeowners review is allowed","Warn: no status checks found to merge onto branch 'master'","Warn: no status checks found to merge onto branch 'release-candidate-0.39.1'","Warn: no status checks found to merge onto branch 'release-candidate-0.39.0'","Warn: no status checks found to merge onto branch 'v0.38.0-rc'","Warn: no status checks found to merge onto branch 'eva/remove-runner-clones'","Info: PRs are required in order to make changes on branch 'master'","Warn: PRs are not required to make changes on branch 'release-candidate-0.39.1'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings","Warn: PRs are not required to make changes on branch 'release-candidate-0.39.0'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings","Warn: PRs are not required to make changes on branch 'v0.38.0-rc'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings","Warn: PRs are not required to make changes on branch 'eva/remove-runner-clones'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"63 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: RUSTSEC-2021-0145 / GHSA-g98v-hv3f-hcfr","Warn: Project is vulnerable to: RUSTSEC-2024-0375","Warn: Project is vulnerable to: RUSTSEC-2024-0388","Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq","Warn: Project is vulnerable to: RUSTSEC-2022-0061","Warn: Project is vulnerable to: GHSA-2gh3-rmm4-6rq5","Warn: Project is vulnerable to: RUSTSEC-2024-0437","Warn: Project is vulnerable to: RUSTSEC-2022-0070 / GHSA-969w-q74q-9j8v","Warn: Project is vulnerable to: GHSA-c827-hfw6-qwvm","Warn: Project is vulnerable to: RUSTSEC-2024-0384","Warn: Project is vulnerable to: RUSTSEC-2023-0018 / GHSA-mc8h-8q98-g5hr","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-7gc6-qh9x-w6h8","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q","Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g","Warn: Project is vulnerable to: GHSA-hcrg-fc28-fcg5","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-584q-6j8j-r5pm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975","Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-9pv7-vfvm-6vr7","Warn: Project is vulnerable to: GHSA-h755-8qp9-cq85"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T06:12:52.753Z","repository_id":37479811,"created_at":"2025-08-19T06:12:52.754Z","updated_at":"2025-08-19T06:12:52.754Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31207704,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-30T15:24:02.938Z","status":"ssl_error","status_checked_at":"2026-03-30T15:23:44.804Z","response_time":138,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","developer-tools","ethereum","graphql","graphql-api","graphql-server","ipfs","protocol"],"created_at":"2024-08-01T03:00:37.395Z","updated_at":"2026-04-02T19:05:36.361Z","avatar_url":"https://github.com/graphprotocol.png","language":"Rust","readme":"# Graph Node\n\n[![Build Status](https://github.com/graphprotocol/graph-node/actions/workflows/ci.yml/badge.svg)](https://github.com/graphprotocol/graph-node/actions/workflows/ci.yml?query=branch%3Amaster)\n[![Docs](https://img.shields.io/badge/docs-graph--node-green.svg)](docs/)\n[![Subgraphs](https://img.shields.io/badge/docs-subgraphs-green.svg)](https://thegraph.com/docs/en/subgraphs/quick-start/)\n\n## Overview\n\n[The Graph](https://thegraph.com/) is a decentralized protocol that organizes and distributes blockchain data across the leading Web3 networks. A key component of The Graph's tech stack is Graph Node.\n\nBefore using `graph-node,` it is highly recommended that you read the [official Graph documentation](https://thegraph.com/docs/en/subgraphs/quick-start/) to understand Subgraphs, which are the central mechanism for extracting and organizing blockchain data.\n\nThis guide is for:\n\n1. Subgraph developers who want to run `graph-node` locally to test their Subgraphs during development\n2. Contributors who want to add features or fix bugs to `graph-node` itself\n\n## Running `graph-node` from Docker images\n\nFor subgraph developers, it is highly recommended to use prebuilt Docker\nimages to set up a local `graph-node` environment. Please read [these\ninstructions](./docker/README.md) to learn how to do that.\n\n## Running `graph-node` from source\n\nThis is usually only needed for developers who want to contribute to `graph-node`.\n\n### Prerequisites\n\nTo build and run this project, you need to have the following installed on your system:\n\n- Rust (latest stable): Follow [How to install\n  Rust](https://rust-lang.org/tools/install/). Run `rustup install\nstable` in _this directory_ to make sure all required components are\n  installed. The `graph-node` code assumes that the latest available\n  `stable` compiler is used.\n- PostgreSQL: [PostgreSQL Downloads](https://www.postgresql.org/download/) lists\n  downloads for almost all operating systems.\n  - For OSX: We highly recommend [Postgres.app](https://postgresapp.com/).\n  - For Linux: Use the Postgres version that comes with the distribution.\n- IPFS: [Installing IPFS](https://docs.ipfs.io/install/)\n- Protobuf Compiler: [Installing Protobuf](https://grpc.io/docs/protoc-installation/)\n\nFor Ethereum network data, you can either run your own Ethereum node or use an Ethereum node provider of your choice.\n\n### Create a database\n\nOnce Postgres is running, you need to issue the following commands to create a database\nand configure it for use with `graph-node`.\n\nThe name of the `SUPERUSER` depends on your installation, but is usually `postgres` or your username.\n\n```bash\npsql -U \u003cSUPERUSER\u003e \u003c\u003cEOF\ncreate user graph with password '\u003cpassword\u003e';\ncreate database \"graph-node\" with owner=graph template=template0 encoding='UTF8' locale='C';\ncreate extension pg_trgm;\ncreate extension btree_gist;\ncreate extension postgres_fdw;\ngrant usage on foreign data wrapper postgres_fdw to graph;\nEOF\n```\n\nFor convenience, set the connection string to the database in an environment\nvariable, and save it, e.g., in `~/.bashrc`:\n\n```bash\nexport POSTGRES_URL=postgresql://graph:\u003cpassword\u003e@localhost:5432/graph-node\n```\n\nUse the `POSTGRES_URL` from above to have `graph-node` connect to the\ndatabase. If you ever need to manually inspect the contents of your\ndatabase, you can do that by running `psql $POSTGRES_URL`. Running this\ncommand is also a convenient way to check that the database is up and\nrunning and that the connection string is correct.\n\n### Build and Run `graph-node`\n\nClone this repository and run this command at the root of the repository:\n\n```bash\nexport GRAPH_LOG=debug\ncargo run -p graph-node --release -- \\\n  --postgres-url $POSTGRES_URL \\\n  --ethereum-rpc NETWORK_NAME:[CAPABILITIES]:URL \\\n  --ipfs 127.0.0.1:5001\n```\n\nThe argument for `--ethereum-rpc` contains a network name (e.g. `mainnet`) and\na list of provider capabilities (e.g. `archive,traces`). The URL is the address\nof the Ethereum node you want to connect to, usually a `https` URL, so that the\nentire argument might be `mainnet:archive,traces:https://provider.io/some/path`.\n\nWhen `graph-node` starts, it prints the various ports that it is listening on.\nThe most important of these is the GraphQL HTTP server, which by default\nis at `http://localhost:8000`. You can use routes like `/subgraphs/name/\u003csubgraph-name\u003e`\nand `/subgraphs/id/\u003cIPFS hash\u003e` to query subgraphs once you have deployed them.\n\n### Deploying a Subgraph\n\nFollow the [Subgraph deployment\nguide](https://thegraph.com/docs/en/subgraphs/developing/introduction/).\nAfter setting up `graph-cli` as described, you can deploy a Subgraph to your\nlocal Graph Node instance.\n\n### Advanced Configuration\n\nThe command line arguments generally are all that is needed to run a\n`graph-node` instance. For advanced uses, various aspects of `graph-node`\ncan further be configured through [environment\nvariables](https://github.com/graphprotocol/graph-node/blob/master/docs/environment-variables.md).\n\nVery large `graph-node` instances can also be configured using a\n[configuration file](./docs/config.md) That is usually only necessary when\nthe `graph-node` needs to connect to multiple chains or if the work of\nindexing and querying needs to be split across [multiple databases](./docs/config.md).\n\n## Contributing\n\nPlease check [CONTRIBUTING.md](CONTRIBUTING.md) for development flow and conventions we use.\nHere's [a list of good first issues](https://github.com/graphprotocol/graph-node/labels/good%20first%20issue).\n\n## License\n\nCopyright \u0026copy; 2018-2019 Graph Protocol, Inc. and contributors.\n\nThe Graph is dual-licensed under the [MIT license](LICENSE-MIT) and the [Apache License, Version 2.0](LICENSE-APACHE).\n\nUnless required by applicable law or agreed to in writing, software distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either expressed or implied. See the License for the specific language governing permissions and limitations under the License.\n","funding_links":[],"categories":["List of Web3 Libraries","Rust","⛓️ Blockchain \u0026 On-Chain","Web 3.0","Open source","Libraries and frameworks"],"sub_categories":["Ruby"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraphprotocol%2Fgraph-node","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgraphprotocol%2Fgraph-node","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraphprotocol%2Fgraph-node/lists"}