{"id":13760209,"url":"https://github.com/michalporeba/odis","last_synced_at":"2026-01-18T01:10:21.963Z","repository":{"id":37609926,"uuid":"436313332","full_name":"michalporeba/odis","owner":"michalporeba","description":"Search in decentralised systems. Search federation, result moderation, aggregation and feedback with hypermedia in ReSTful API to round it all of.","archived":false,"fork":false,"pushed_at":"2025-04-02T20:20:48.000Z","size":17148,"stargazers_count":9,"open_issues_count":2,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-17T11:17:07.229Z","etag":null,"topics":["data","data-discovery","discoverability","federated","information-discovery","mesh-networks","search"],"latest_commit_sha":null,"homepage":"","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michalporeba.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/security.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-08T16:19:11.000Z","updated_at":"2025-01-05T13:24:23.000Z","dependencies_parsed_at":"2024-06-02T21:04:59.083Z","dependency_job_id":"083ebc7d-144e-4b61-bb4a-d5b292396365","html_url":"https://github.com/michalporeba/odis","commit_stats":{"total_commits":279,"total_committers":3,"mean_commits":93.0,"dds":0.08243727598566308,"last_synced_commit":"efaa5b3c59e03162bc7d9be3a3d989040eadea33"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/michalporeba/odis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michalporeba%2Fodis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michalporeba%2Fodis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michalporeba%2Fodis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michalporeba%2Fodis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michalporeba","download_url":"https://codeload.github.com/michalporeba/odis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michalporeba%2Fodis/sbom","scorecard":{"id":641858,"data":{"date":"2025-08-11","repo":{"name":"github.com/michalporeba/odis","commit":"00e0783ae5d78d19f0e47d51ad63f441a2f8f40f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.4,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/1 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: docs/security.md:1","Info: Found linked content: docs/security.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: docs/security.md:1","Info: Found text in security policy: docs/security.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/michalporeba/odis/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/michalporeba/odis/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/michalporeba/odis/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/michalporeba/odis/codeql-analysis.yml/main?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"32 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-7xr5-9hcq-chf9","Warn: Project is vulnerable to: PYSEC-2025-13 / GHSA-p3fp-8748-vqfq","Warn: Project is vulnerable to: PYSEC-2025-1 / GHSA-qcgg-j2x8-h9g8","Warn: Project is vulnerable to: PYSEC-2025-14 / GHSA-wqfg-m96j-85vm","Warn: Project is vulnerable to: PYSEC-2022-42969","Warn: Project is vulnerable to: PYSEC-2024-230 / GHSA-248v-346w-9cwc","Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: PYSEC-2022-190 / GHSA-2gwj-7jmv-h26r","Warn: Project is vulnerable to: PYSEC-2023-13 / GHSA-2hrw-hx67-34x6","Warn: Project is vulnerable to: PYSEC-2022-245 / GHSA-8x94-hmjh-97hq","Warn: Project is vulnerable to: PYSEC-2023-100 / GHSA-jh3w-4vvf-mjgr","Warn: Project is vulnerable to: PYSEC-2022-213 / GHSA-p64x-8rxx-wf6q","Warn: Project is vulnerable to: PYSEC-2023-12 / GHSA-q2jf-h9jm-m7p4","Warn: Project is vulnerable to: PYSEC-2022-304 / GHSA-qrw5-5h28-6cmg","Warn: Project is vulnerable to: PYSEC-2023-61 / GHSA-r3xc-prgr-mg9p","Warn: Project is vulnerable to: GHSA-rrqc-c2jx-6jgv","Warn: Project is vulnerable to: PYSEC-2022-191 / GHSA-w24h-v9qh-8gxj","Warn: Project is vulnerable to: GHSA-xqcf-hj92-967m","Warn: Project is vulnerable to: GHSA-gw84-84pc-xp82","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: GHSA-2m57-hf25-phgg","Warn: Project is vulnerable to: PYSEC-2023-87 / GHSA-rrm6-wvj7-cwh2","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T10:58:04.498Z","repository_id":37609926,"created_at":"2025-08-21T10:58:04.498Z","updated_at":"2025-08-21T10:58:04.498Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28525668,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T00:39:45.795Z","status":"ssl_error","status_checked_at":"2026-01-18T00:39:39.467Z","response_time":85,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["data","data-discovery","discoverability","federated","information-discovery","mesh-networks","search"],"created_at":"2024-08-03T13:01:05.418Z","updated_at":"2026-01-18T01:10:21.919Z","avatar_url":"https://github.com/michalporeba.png","language":"CSS","funding_links":[],"categories":["CSS"],"sub_categories":[],"readme":"# Open Distributed Information Sharing System (ODIS)\n\nA federated search service with result aggregation, moderation and feedback mechanism to potentially update the source data. \n\nIf you are interested in similar topics to those used in the project, I'd be [happy to chat](https://www.linkedin.com/in/michalporeba/). If you think my approach makes no sense, I'd love to hear from you - [create an issue](https://github.com/michalporeba/odis/issues/new/choose) and let me know where I went wrong.*\n\nNow let me tell you more about the ODIS idea…\n\n\u0026nbsp;\n\n# The Problem\n\nA much fuller description of the problem that motivated the project is available in the [Search for a Better Search](https://github.com/michalporeba/odis/blob/main/docs/A%20Search%20for%20a%20Better%20Search.pdf) paper, but in short...\n\nWe have increasing amounts of data all around us. Discoverability is a challenge. It is especially true in systems where fine-grained access controls are necessary across organisational boundaries.\n\nPublic crawling and indexing are not possible. Centralisation of data in data warehouses and lakes is currently the go-to solution. But that means the data governance has to be centralised. While it works in some organisations, it poses significant challenges in heterogeneous systems, and searches across multiple organisations.\n\nThe increasing amount of data, gives rise to a growing number of possible search results.\n\n## Why? \n\n* To improve data discoverability in systems where centralisation of data is not an option\n* To improve the search results based on the relative location of the searcher, and the information in the network topology\n* To find a mechanism to send feedback and suggest data improvements, from the results, back to the data sources\n* To get ready for a more distributed data landscape\n\n## What?\n\n**So far there is:**\n* [Sample Data Service](./code/sample/) - to provide test and demo data for the project using a range of formats. \n* [Data Exchange Network Node](./code/server/) - The server that can act as a node in the network doing all the federation of requests. \n\n*Later there will be:*\n\n* A 'Standard' that allows for easy searches in data accross a distributed network of services in a range of [interactions](./docs/interactions.md).\n* A Demo (or two)\n\n## How? \n* The search query will be federated (distributed) in a mesh search network\n* The results will be filtered by the source systems\n* The results will be moderated by the network\n* The results will be aggregated before presenting them to the user\n* The feedback will be pushed back through the network to the source systems to suggest updates\n\n\u0026nbsp;\n\n# Possible Use Cases\n\n* [Find Me Button](./docs/usecases/findme.md) - Search for and update your personal infromation held by any department accross the Civil Service. \n* [Product Search](./docs/usecases/product-overview.md) - Building the 'bigger picture' of a product through single search without the data warehouse. \n* [Acronym Buster](./docs/usecases/acronyms.md) - An oversimplified example of why topology as context can help improve search results. \n* [No Need for Catalogs](./docs/usecases/nomorecatalogues.md) - Not really a concrete use case, but an sidea what could be possible with federated search approach in terms of data management and governance. \n\nWhile I hope the use cases are of use, another way to look at what the search (or data exchange) network can offer, is to look at [possible interactions](./docs/interactions.md) within the system. \n\nBut the distributed systems can do more than just facilitate a search. [The CRM example](./docs/crm.md) illustrated how hypermedia approach to API design can help in building extensible distributed systems. \n\n\u0026nbsp;\n\n# Architecture\n\nAt the moment the project is in a conceptual design stage. \nHave a look at the [solution's architecutre](./docs/architecture.md) as it is developed.\n\n\u0026nbsp;\n\n\n# Technology \n\n* API: [OpenSearch](https://en.wikipedia.org/wiki/OpenSearch), [OpenAPI](https://swagger.io/specification/), [REST](https://en.wikipedia.org/wiki/Representational_state_transfer), [HAL](https://en.wikipedia.org/wiki/Hypertext_Application_Language), [HATEOAS](https://en.wikipedia.org/wiki/HATEOAS), [JSON-LD](https://json-ld.org/), \n* Security: [OAuth2.0](https://oauth.net/2/), [Open ID Connect (OIDC)](https://openid.net/connect/), [Json Web Tokens (JWT)](https://en.wikipedia.org/wiki/JSON_Web_Token)\n* Back-end: [Python](https://www.python.org/), [Django](https://www.djangoproject.com/)\n* Front-end: [JavaScript](https://en.wikipedia.org/wiki/JavaScript), [Design System](https://design-system.service.gov.uk/), [React](https://reactjs.org/)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichalporeba%2Fodis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichalporeba%2Fodis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichalporeba%2Fodis/lists"}