{"id":15036436,"url":"https://github.com/lowrisc/opentitan","last_synced_at":"2026-01-27T19:04:21.385Z","repository":{"id":37252570,"uuid":"204516692","full_name":"lowRISC/opentitan","owner":"lowRISC","description":"OpenTitan: Open source silicon root of trust","archived":false,"fork":false,"pushed_at":"2026-01-19T16:53:25.000Z","size":193316,"stargazers_count":3101,"open_issues_count":1781,"forks_count":936,"subscribers_count":112,"default_branch":"master","last_synced_at":"2026-01-19T21:57:06.591Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://www.opentitan.org","language":"SystemVerilog","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lowRISC.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":"CLA"}},"created_at":"2019-08-26T16:30:16.000Z","updated_at":"2026-01-19T16:53:27.000Z","dependencies_parsed_at":"2025-08-20T18:16:27.139Z","dependency_job_id":"6cc966b5-121a-4e5d-82b0-1c25c8bb5336","html_url":"https://github.com/lowRISC/opentitan","commit_stats":null,"previous_names":[],"tags_count":109,"template":false,"template_full_name":null,"purl":"pkg:github/lowRISC/opentitan","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lowRISC%2Fopentitan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lowRISC%2Fopentitan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lowRISC%2Fopentitan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lowRISC%2Fopentitan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lowRISC","download_url":"https://codeload.github.com/lowRISC/opentitan/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lowRISC%2Fopentitan/sbom","scorecard":{"id":579005,"data":{"date":"2025-08-11","repo":{"name":"github.com/lowRISC/opentitan","commit":"7e213eae9a432955ec32d3927d357d8adae2595f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.9,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/cherrypick.yml:34"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/cherrypick.yml:28","Warn: no topLevel permission defined: .github/workflows/bitstream.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/cherrypick.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:19","Warn: no topLevel permission defined: .github/workflows/fpga.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/nightly.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_change_check.yml:10","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/pr_change_check.yml:12","Warn: topLevel 'contents' permission set to 'write': .github/workflows/private-ci.yml:19","Warn: topLevel 'actions' permission set to 'write': .github/workflows/rerun.yml:11","Warn: topLevel 'contents' permission set to 'write': .github/workflows/rerun.yml:12"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Info: 'force pushes' disabled on branch 'master'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'","Warn: required approving review count is 1 on branch 'master'","Warn: codeowners review is not required on branch 'master'","Warn: 'up-to-date branches' is disabled on branch 'master'","Info: status check found to merge onto on branch 'master'","Info: PRs are required in order to make changes on branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: CppLibFuzzer integration found: sw/device/silicon_creator/rom/bootstrap_fuzz_test.cc:45","Info: CppLibFuzzer integration found: sw/device/silicon_creator/rom/bootstrap_fuzz_test.cc:45"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":6,"reason":"binaries present in source code","details":["Warn: binary detected: sw/device/silicon_creator/rom/binaries/rom_with_real_keys_fpga_cw310.elf:1","Warn: binary detected: sw/device/silicon_creator/rom/binaries/rom_with_real_keys_sim_dv.elf:1","Warn: binary detected: sw/device/silicon_creator/rom/binaries/rom_with_real_keys_sim_verilator.elf:1","Warn: binary detected: sw/device/silicon_creator/rom_ext/imm_section/prebuilts/nop.o:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:664"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: GNU: bazelisk.sh:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bitstream.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/bitstream.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bitstream.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/bitstream.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bitstream.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/bitstream.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cherrypick.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/cherrypick.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:695: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:792: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:670: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:672: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:681: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:766: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:424: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:308: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:348: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:392: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:627: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:629: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fpga.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/fpga.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fpga.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/fpga.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/nightly.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_change_check.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/pr_change_check.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/private-ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/private-ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rerun.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/lowRISC/opentitan/rerun.yml/master?enable=pin","Warn: containerImage not pinned by hash: site/redirector/docs/Dockerfile:5: pin your Docker image by updating nginx to nginx@sha256:33e0bbc7ca9ecf108140af6288c7c9d1ecc77548cbfd3952fd8466a75edefe57","Warn: containerImage not pinned by hash: site/redirector/landing/Dockerfile:5: pin your Docker image by updating nginx to nginx@sha256:33e0bbc7ca9ecf108140af6288c7c9d1ecc77548cbfd3952fd8466a75edefe57","Warn: containerImage not pinned by hash: util/container/Dockerfile:19","Warn: pipCommand not pinned by hash: util/container/Dockerfile:158-161","Warn: pipCommand not pinned by hash: util/container/Dockerfile:158-161","Info:   0 out of  30 GitHub-owned GitHubAction dependencies pinned","Info:   2 out of   5 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"17 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2020-29 / GHSA-5v8v-66v8-mwm7","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: PYSEC-2022-260 / GHSA-v973-fxgf-6xhp","Warn: Project is vulnerable to: PYSEC-2020-73","Warn: Project is vulnerable to: PYSEC-2021-142 / GHSA-8q59-q68h-6hv4","Warn: Project is vulnerable to: PYSEC-2018-49 / GHSA-rprw-h62v-c2w7","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq","Warn: Project is vulnerable to: GHSA-c827-hfw6-qwvm","Warn: Project is vulnerable to: RUSTSEC-2024-0436","Warn: Project is vulnerable to: RUSTSEC-2023-0071"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-20T18:39:14.119Z","repository_id":37252570,"created_at":"2025-08-20T18:39:14.119Z","updated_at":"2025-08-20T18:39:14.119Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28819062,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T18:44:20.126Z","status":"ssl_error","status_checked_at":"2026-01-27T18:44:09.161Z","response_time":168,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-09-24T20:31:09.891Z","updated_at":"2026-01-27T19:04:21.354Z","avatar_url":"https://github.com/lowRISC.png","language":"SystemVerilog","readme":"# OpenTitan\n\n![OpenTitan logo](https://docs.opentitan.org/doc/opentitan-logo.png)\n\n## About the project\n\n[OpenTitan](https://opentitan.org) is an open source silicon Root of Trust\n(RoT) project.  OpenTitan will make the silicon RoT design and implementation\nmore transparent, trustworthy, and secure for enterprises, platform providers,\nand chip manufacturers.  OpenTitan is administered by [lowRISC\nCIC](https://www.lowrisc.org) as a collaborative project to produce high\nquality, open IP for instantiation as a full-featured product. See the\n[OpenTitan site](https://opentitan.org/) and [OpenTitan\ndocs](https://opentitan.org/book) for more information about the project.\n\n## About this repository\n\nThis repository contains hardware, software and utilities written as part of the\nOpenTitan project. It is structured as monolithic repository, or \"monorepo\",\nwhere all components live in one repository. It exists to enable collaboration\nacross partners participating in the OpenTitan project.\n\n## Documentation\n\nThe project contains comprehensive documentation of all IPs and tools. You can\naccess it [online at docs.opentitan.org](https://docs.opentitan.org/).\n\n## How to contribute\n\nHave a look at [CONTRIBUTING](CONTRIBUTING.md) and our [documentation on\nproject organization and processes](./doc/project_governance/README.md)\nfor guidelines on how to contribute code to this repository.\n\n## Licensing\n\nUnless otherwise noted, everything in this repository is covered by the Apache\nLicense, Version 2.0 (see [LICENSE](https://github.com/lowRISC/opentitan/blob/master/LICENSE) for full text).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flowrisc%2Fopentitan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flowrisc%2Fopentitan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flowrisc%2Fopentitan/lists"}