{"id":29991562,"url":"https://github.com/maximhq/bifrost","last_synced_at":"2026-06-17T01:01:07.440Z","repository":{"id":288023734,"uuid":"951115072","full_name":"maximhq/bifrost","owner":"maximhq","description":"Fastest enterprise AI gateway (50x faster than LiteLLM) with adaptive load balancer, cluster mode, guardrails, 1000+ models support \u0026 \u003c100 µs overhead at 5k RPS.","archived":false,"fork":false,"pushed_at":"2026-06-12T13:14:24.000Z","size":762444,"stargazers_count":5703,"open_issues_count":495,"forks_count":746,"subscribers_count":25,"default_branch":"dev","last_synced_at":"2026-06-12T13:26:11.565Z","etag":null,"topics":["ai-gateway","gateway","gateway-services","generative-ai","guardrails","llm","llm-cost","llm-gateway","llm-observability","llmops","load-balancing","mcp-client","mcp-gateway","mcp-server","model-router","token-management"],"latest_commit_sha":null,"homepage":"https://www.getmaxim.ai/bifrost","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/maximhq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/contributing/adding-a-configstore.mdx","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":"docs/supportWidget.js","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-03-19T07:21:26.000Z","updated_at":"2026-06-12T12:53:46.000Z","dependencies_parsed_at":"2026-01-31T20:09:46.423Z","dependency_job_id":null,"html_url":"https://github.com/maximhq/bifrost","commit_stats":null,"previous_names":["maximhq/bifrost"],"tags_count":1838,"template":false,"template_full_name":null,"purl":"pkg:github/maximhq/bifrost","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maximhq%2Fbifrost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maximhq%2Fbifrost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maximhq%2Fbifrost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maximhq%2Fbifrost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/maximhq","download_url":"https://codeload.github.com/maximhq/bifrost/tar.gz/refs/heads/dev","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maximhq%2Fbifrost/sbom","scorecard":{"id":1245443,"data":{"date":"2026-04-01T12:51:53Z","repo":{"name":"github.com/maximhq/bifrost","commit":"1d180f3a89b7abd5271bdf235433aa1b9864c166"},"scorecard":{"version":"v5.0.0","commit":"ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4"},"score":6.6,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":10,"reason":"17 out of 17 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":1,"reason":"Found 5/30 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#code-review"}},{"name":"Contributors","score":10,"reason":"project has 17 contributing companies or organizations","details":["Info: maximhq contributor org/company found, swarms contributor org/company found, EddieHubCommunity contributor org/company found, SoferAi contributor org/company found, parasail-ai contributor org/company found, llamaindex contributor org/company found, csivitu contributor org/company found, aqora-io contributor org/company found, TeamInkGenius contributor org/company found, ExhibitHQ contributor org/company found, zonedb contributor org/company found, Interact-Org contributor org/company found, tanium contributor org/company found, AskDevs contributor org/company found, reaktor contributor org/company found, averlon contributor org/company found, harness contributor org/company found, "],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#license"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#maintained"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/npx-publish.yml:48"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":8,"reason":"dependency not pinned by hash detected -- score normalized to 8","details":["Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: .github/workflows/scripts/test-bifrost-http.sh:149","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: .github/workflows/scripts/test-e2e-ui.sh:84","Warn: containerImage not pinned by hash: transports/Dockerfile.local:5","Warn: containerImage not pinned by hash: transports/Dockerfile.local:21","Warn: containerImage not pinned by hash: transports/Dockerfile.local:71: pin your Docker image by updating alpine:3.23.3 to alpine:3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659","Warn: pipCommand not pinned by hash: .github/workflows/scripts/configure-r2.sh:9","Warn: goCommand not pinned by hash: .github/workflows/scripts/load-test.sh:152","Warn: pipCommand not pinned by hash: .github/workflows/scripts/run-integration-tests.sh:280","Warn: npmCommand not pinned by hash: .github/workflows/scripts/run-tests.sh:66","Warn: pipCommand not pinned by hash: .github/workflows/scripts/run-tests.sh:108","Warn: pipCommand not pinned by hash: .github/workflows/scripts/run-tests.sh:141","Warn: npmCommand not pinned by hash: .github/workflows/scripts/test-core.sh:26","Warn: pipCommand not pinned by hash: .github/workflows/scripts/test-integrations.sh:145","Warn: npmCommand not pinned by hash: tests/e2e/api/runners/run-newman-api-tests.sh:230","Warn: pipCommand not pinned by hash: .github/workflows/openapi-bundle.yml:45","Warn: npmCommand not pinned by hash: .github/workflows/release-pipeline.yml:566","Warn: npmCommand not pinned by hash: .github/workflows/release-pipeline.yml:640","Info:  91 out of  91 GitHub-owned GitHubAction dependencies pinned","Info:  62 out of  62 third-party GitHubAction dependencies pinned","Info:   3 out of   6 containerImage dependencies pinned","Info:   5 out of  10 npmCommand dependencies pinned","Info:   0 out of   6 pipCommand dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (17) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#sast"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/e2e-tests.yml:20","Info: jobLevel 'contents' permission set to 'read': .github/workflows/npx-publish.yml:25","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/npx-publish.yml:53","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/npx-publish.yml:176","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-tests.yml:25","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-tests.yml:62","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-cli.yml:52","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-cli.yml:79","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-cli.yml:120","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:1151","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:1208","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:541","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:790","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:178","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:248","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:1042","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:83","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:323","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:373","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:420","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:700","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:889","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:1098","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:1388","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:999","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-pipeline.yml:1284","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:477","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:615","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/scorecards.yml:33","Info: jobLevel 'checks' permission set to 'read': .github/workflows/scorecards.yml:35","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:29","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:30","Info: jobLevel 'issues' permission set to 'read': .github/workflows/scorecards.yml:32","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/docs-validation.yml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e-tests.yml:12","Warn: topLevel 'contents' permission set to 'write': .github/workflows/helm-release.yml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/npx-publish.yml:18","Warn: topLevel 'contents' permission set to 'write': .github/workflows/openapi-bundle.yml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr-tests.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-cli.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-pipeline.yml:14","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/snyk.yml:11","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/snyk.yml:12"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":0,"reason":"39 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-6g7g-w4f8-9c9x / GO-2026-4514","Warn: Project is vulnerable to: GHSA-wc8c-qw6v-h7f6","Warn: Project is vulnerable to: GHSA-345p-7cg4-v4c7","Warn: Project is vulnerable to: GHSA-2g4f-4pwh-qvx6","Warn: Project is vulnerable to: GHSA-5pq2-9x2x-5p6w","Warn: Project is vulnerable to: GHSA-6wqw-2p9w-4vw4","Warn: Project is vulnerable to: GHSA-9r54-q6cx-xmh5","Warn: Project is vulnerable to: GHSA-gq3j-xvxp-8hrf","Warn: Project is vulnerable to: GHSA-p6xx-57qc-3wxr","Warn: Project is vulnerable to: GHSA-q5qw-h33p-qvwr","Warn: Project is vulnerable to: GHSA-r354-f388-2fhh","Warn: Project is vulnerable to: GHSA-v8w9-8mx6-g223","Warn: Project is vulnerable to: GHSA-w332-q679-j88p","Warn: Project is vulnerable to: GHSA-27v5-c462-wpq7","Warn: Project is vulnerable to: GHSA-j3q9-mxjg-w52f","Warn: Project is vulnerable to: GHSA-w7fw-mjwx-w883","Warn: Project is vulnerable to: GHSA-f886-m6hf-6m8v","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-8gc5-j5rx-235r","Warn: Project is vulnerable to: GHSA-fj3w-jwp8-x2g3","Warn: Project is vulnerable to: GHSA-jmr7-xgp7-cmfj","Warn: Project is vulnerable to: GHSA-jp2q-39xq-3w4g","Warn: Project is vulnerable to: GHSA-m7jm-9gc2-mpf2","Warn: Project is vulnerable to: GHSA-37qj-frw5-hhjh","Warn: Project is vulnerable to: GHSA-25h7-pfq9-p65f","Warn: Project is vulnerable to: GHSA-rf6f-7fwh-wjgh","Warn: Project is vulnerable to: GHSA-v34v-rq6j-cj6p","Warn: Project is vulnerable to: GHSA-23c5-xmqv-rm74","Warn: Project is vulnerable to: GHSA-3ppc-4f35-3m26","Warn: Project is vulnerable to: GHSA-7r86-cg39-jmmj","Warn: Project is vulnerable to: GHSA-3v7f-55p6-f55p","Warn: Project is vulnerable to: GHSA-c2c7-rcm5-vvqj","Warn: Project is vulnerable to: GHSA-mw96-cpmx-2vgc","Warn: Project is vulnerable to: GHSA-48c2-rrv3-qjmp","Warn: Project is vulnerable to: GHSA-3x4c-7xq6-9pq8","Warn: Project is vulnerable to: GHSA-5f7q-jpqc-wp7h","Warn: Project is vulnerable to: GHSA-ggv3-7p47-pfv8","Warn: Project is vulnerable to: GHSA-5c6j-r48x-rmvq","Warn: Project is vulnerable to: GHSA-qj8w-gfj5-8c6v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2026-04-01T13:20:04.861Z","repository_id":288023734,"created_at":"2026-04-01T13:20:04.861Z","updated_at":"2026-04-01T13:20:04.861Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34429493,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-gateway","gateway","gateway-services","generative-ai","guardrails","llm","llm-cost","llm-gateway","llm-observability","llmops","load-balancing","mcp-client","mcp-gateway","mcp-server","model-router","token-management"],"created_at":"2025-08-05T00:02:02.356Z","updated_at":"2026-06-17T01:01:07.402Z","avatar_url":"https://github.com/maximhq.png","language":"Go","funding_links":[],"categories":["🔌 ツールと API 連携","*Ops for AI","Artificial Intelligence","Go","📚 Projects (1974 total)","Routing and Model Selection","Inference","Other LLM Frameworks","カテゴリ","generative-ai","Containerised MCP Servers","Gateways \u0026 Proxies","Coding","\u003cimg src=\"./assets/satellite.svg\" width=\"16\" height=\"16\" style=\"vertical-align: middle;\"\u003e Satellites","Quick Comparison"],"sub_categories":["その他の標準","LLMOps","MCP Servers","Gateways and proxies","LLM Router","Videos Playlists","🔌 \u003ca name=\"api-development\"\u003e\u003c/a\u003eAPI開発","DevOps \u0026 Infrastructure","Developer tools"],"readme":null,"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaximhq%2Fbifrost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmaximhq%2Fbifrost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaximhq%2Fbifrost/lists"}