{"id":16115629,"url":"https://github.com/kornelski/avif-parse","last_synced_at":"2025-09-06T19:41:30.745Z","repository":{"id":62438400,"uuid":"290518038","full_name":"kornelski/avif-parse","owner":"kornelski","description":"AVIF parser for extracting AV1 payload from image files. Supports alpha channel association. Fork of Firefox's MP4 parser.","archived":false,"fork":false,"pushed_at":"2025-06-24T10:29:03.000Z","size":4327,"stargazers_count":10,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-26T04:53:04.157Z","etag":null,"topics":["avif","avif-decoder"],"latest_commit_sha":null,"homepage":"https://lib.rs/avif-parse","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kornelski.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-08-26T14:24:03.000Z","updated_at":"2025-06-24T10:29:06.000Z","dependencies_parsed_at":"2022-11-01T21:46:38.063Z","dependency_job_id":null,"html_url":"https://github.com/kornelski/avif-parse","commit_stats":null,"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"purl":"pkg:github/kornelski/avif-parse","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kornelski%2Favif-parse","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kornelski%2Favif-parse/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kornelski%2Favif-parse/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kornelski%2Favif-parse/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kornelski","download_url":"https://codeload.github.com/kornelski/avif-parse/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kornelski%2Favif-parse/sbom","scorecard":{"id":567736,"data":{"date":"2025-08-11","repo":{"name":"github.com/kornelski/avif-parse","commit":"de5ec3408eb00766ed45ba7fc51974a315c8035a"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Maintained","score":3,"reason":"4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 1/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Mozilla Public License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T15:26:43.761Z","repository_id":62438400,"created_at":"2025-08-20T15:26:43.761Z","updated_at":"2025-08-20T15:26:43.761Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273955411,"owners_count":25197577,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-06T02:00:13.247Z","response_time":2576,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["avif","avif-decoder"],"created_at":"2024-10-09T20:19:21.857Z","updated_at":"2025-09-06T19:41:30.723Z","avatar_url":"https://github.com/kornelski.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AVIF file structure parser (demuxer)\n\nGet AV1 payload and the alpha channel metadata out of AVIF image files.\n\nThis is a minimal ISOBMFF/MIAF and AV1 OBU parser. It is a fork of Mozilla's MP4 parser used in Firefox, so it's designed to be robust and safely handle untrusted data. This crate is written entirely in safe Rust code.\n\nThe parser is compatible with files supported by libavif, Chrome 85 and Firefox 81a. It parses all files in [the AOM test suite](https://github.com/AOMediaCodec/av1-avif).\n\n[API documentation](https://docs.rs/avif-parse/)\n\nThis crate doesn't include an AV1 decoder. To display the pixels you will additionally need [dav1d](https://code.videolan.org/videolan/dav1d) or [libaom](https://lib.rs/libaom-sys) ([full decoder example](https://gitlab.com/kornelski/aom-decode)).\n\n## Usage from Rust\n\nIt takes `io::Read`, so you can use any readable input, such as a byte slice (`vec.as_slice()`), or a `File` wrapped in `BufReader`, etc.\n\n```rust\nlet data = read_avif(\u0026mut slice)?;\nav1_decode(\u0026data.primary_item)?;\nif let Some(alpha) = \u0026data.alpha_item {\n    av1_decode(alpha)?;\n}\nif data.premultiplied_alpha {\n    // after decoding, remember to divide R,G,B values by A\n}\n```\n\n## Usage from C\n\nInstall Rust 1.68 or later, preferably via [rustup](https://rustup.rs), and run:\n\n```bash\ncargo build --release\n```\n\nIt will build `./target/release/libavif_parse.a` (or `avif_parse.lib` on Windows). Link it with your project.\n\nCargo supports cross-compilation, so you can easily build it for other platforms (e.g. [iOS](https://lib.rs/crates/cargo-xcode)).\n\n```c\n#include \"avif_parse.h\"\navif_data_t data = avif_parse(file_data, file_length);\n\nif (data) {\n    av1_decode(data.primary_data, data.primary_size);\n    if (data.alpha_data) {\n        av1_decode(data.alpha_data, data.alpha_size);\n    }\n    if (data.premultiplied_alpha) {\n        // after decoding, remember to divide R,G,B values by A\n    }\n}\n\navif_data_free(data);\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkornelski%2Favif-parse","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkornelski%2Favif-parse","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkornelski%2Favif-parse/lists"}