{"id":22819971,"url":"https://github.com/lime-green/unison-gitignore","last_synced_at":"2026-03-13T14:33:17.323Z","repository":{"id":47689913,"uuid":"275517354","full_name":"lime-green/unison-gitignore","owner":"lime-green","description":"A gitignore-aware wrapper around Unison","archived":false,"fork":false,"pushed_at":"2023-01-01T17:15:19.000Z","size":24,"stargazers_count":9,"open_issues_count":3,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-01-17T09:30:19.750Z","etag":null,"topics":["filesync","git","gitignore","unison"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lime-green.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-06-28T05:55:14.000Z","updated_at":"2023-10-30T11:56:11.000Z","dependencies_parsed_at":"2023-01-31T23:50:24.902Z","dependency_job_id":null,"html_url":"https://github.com/lime-green/unison-gitignore","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/lime-green/unison-gitignore","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lime-green%2Funison-gitignore","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lime-green%2Funison-gitignore/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lime-green%2Funison-gitignore/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lime-green%2Funison-gitignore/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lime-green","download_url":"https://codeload.github.com/lime-green/unison-gitignore/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lime-green%2Funison-gitignore/sbom","scorecard":{"id":590006,"data":{"date":"2025-08-11","repo":{"name":"github.com/lime-green/unison-gitignore","commit":"e7a63bcf57ed87119d662e87f706ce92c3a2d6b6"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.7,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 1/22 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/python-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/lime-green/unison-gitignore/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/lime-green/unison-gitignore/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/lime-green/unison-gitignore/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/lime-green/unison-gitignore/test.yml/master?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:22","Warn: pipCommand not pinned by hash: .github/workflows/python-publish.yml:23","Warn: pipCommand not pinned by hash: .github/workflows/test.yml:25","Warn: pipCommand not pinned by hash: .github/workflows/test.yml:26","Warn: pipCommand not pinned by hash: .github/workflows/test.yml:27","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 9 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T21:36:52.481Z","repository_id":47689913,"created_at":"2025-08-20T21:36:52.481Z","updated_at":"2025-08-20T21:36:52.481Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30468321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-13T11:00:43.441Z","status":"ssl_error","status_checked_at":"2026-03-13T11:00:23.173Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["filesync","git","gitignore","unison"],"created_at":"2024-12-12T15:15:22.467Z","updated_at":"2026-03-13T14:33:17.300Z","avatar_url":"https://github.com/lime-green.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Unison Gitignore\n[![PyPI version](https://badge.fury.io/py/unison-gitignore.svg)](https://badge.fury.io/py/unison-gitignore)\n\nA gitignore-aware wrapper around [Unison](https://github.com/bcpierce00/unison)\n\n`unison-gitignore` will walk the local root and any supplied paths finding gitignore files and then call\n`unison` with the appropriate unison ignore patterns\n\n## Usage\nFirst install it:\n```bash\npip install unison-gitignore\n```\n\nThen use:\n```bash\nunison-gitignore /home/john_doe/local_root ssh://remote_root/ -path data\n```\nIt accepts the exact same arguments as `unison`\n\n## Caveats\n- Will not add patterns when using two local roots:\n\n    Unison does the match without the root attached, so a .gitignore file\n    in either root would apply to both local roots\n- Will not add patterns when profile usage method is used\n- Does not handle `!pattern` in the same way as git does:\n\n    ```\n    b/\n    !b/c/test.py\n    ```\n    `test.py` will not be ignored in git, but will be ignored by `unison`\n\n    The [Unison reference](https://www.cis.upenn.edu/~bcpierce/unison/download/releases/stable/unison-manual.html#reference)\n    says this:\n    \u003e Unison starts detecting updates from the root of the replicas—i.e., from the empty path. If the empty path matches an ignore pattern and does not match an ignorenot pattern, then the whole replica will be ignored. (For this reason, it is not a good idea to include Name * as an ignore pattern. If you want to ignore everything except a certain set of files, use Name ?*.)\n\n    \u003e If the root is a directory, Unison continues looking for updates in all the immediate children of the root. Again, if the name of some child matches an ignore pattern and does not match an ignorenot pattern, then this whole path including everything below it will be ignored.\n\n    \u003e If any of the non-ignored children are directories, then the process continues recursively.\n\n    So any negated files or directories that are not direct children of an ignored directory will be ignored improperly.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flime-green%2Funison-gitignore","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flime-green%2Funison-gitignore","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flime-green%2Funison-gitignore/lists"}