{"id":29091510,"url":"https://github.com/morganamilo/srcinfo.rs","last_synced_at":"2025-10-10T04:09:05.181Z","repository":{"id":57668447,"uuid":"165402962","full_name":"Morganamilo/srcinfo.rs","owner":"Morganamilo","description":"parser for makepkg's .SRCINFO file format","archived":false,"fork":false,"pushed_at":"2025-06-30T01:42:20.000Z","size":366,"stargazers_count":17,"open_issues_count":2,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-27T20:13:51.531Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://docs.rs/srcinfo/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Morganamilo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-01-12T15:26:09.000Z","updated_at":"2025-06-30T02:04:46.000Z","dependencies_parsed_at":"2025-06-28T06:07:24.611Z","dependency_job_id":"03f80c96-a351-404d-a93a-8a2914e30071","html_url":"https://github.com/Morganamilo/srcinfo.rs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Morganamilo/srcinfo.rs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Morganamilo%2Fsrcinfo.rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Morganamilo%2Fsrcinfo.rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Morganamilo%2Fsrcinfo.rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Morganamilo%2Fsrcinfo.rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Morganamilo","download_url":"https://codeload.github.com/Morganamilo/srcinfo.rs/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Morganamilo%2Fsrcinfo.rs/sbom","scorecard":{"id":96079,"data":{"date":"2025-08-11","repo":{"name":"github.com/Morganamilo/srcinfo.rs","commit":"668a544cd89ae5e2a5e35adb1badb880ec122b06"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.6,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":4,"reason":"5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 1/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-15T09:05:20.398Z","repository_id":57668447,"created_at":"2025-08-15T09:05:20.398Z","updated_at":"2025-08-15T09:05:20.398Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002695,"owners_count":26083442,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-28T06:07:13.773Z","updated_at":"2025-10-10T04:09:05.156Z","avatar_url":"https://github.com/Morganamilo.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Srcinfo\n\nSrcinfo is a parser for makepkg's .SRCINFO file format.\n\nSrcinfo focuses on correctness of parsing, especially with split packages and architecture specific fields.\n\nSrcinfo only aims to parse. This crate does not attempt to perform any version comparison, dependency checking or any other extra functionality.\n\n## Example\n\n```rust\nuse srcinfo::{Srcinfo, ArchVec};\n\n// Create a srcinfo from a string\nlet srcinfo: Srcinfo = \"\npkgbase = example\npkgver = 1.5.0\npkgrel = 5\n\npkgname = example\".parse()?;\n\n// Or a file\nlet srcinfo = Srcinfo::parse_file(\".SRCINFO\")?;\n\n// Reading global fields\n// These fields were declared at the top of the PKGBUILD but may be overridden per package\nprintln!(\"srcinfo {}-{}:\", srcinfo.pkgbase(), srcinfo.version());\n\n// Print header comment\nfor comment in srcinfo.comment().lines() {\n    println!(\"comment: {}\", comment);\n}\n\nprintln!(\"url: {}\", srcinfo.url().unwrap_or(\"none\"));\nfor arch in srcinfo.arch() {\n    println!(\"arch: {}\", arch);\n}\n\n// reading makedepends and makedepends_$ARCH fields\nfor depends_arch in srcinfo.makedepends() {\n    for depend in depends_arch {\n        match depends_arch.arch() {\n            Some(arch) =\u003e println!(\"depend_{}: {}\", arch, depend),\n            None =\u003e println!(\"depend: {}\", depend),\n        }\n    }\n}\n\n// Iterate through all the packages in this srcinfo\nfor pkg in srcinfo.pkgs() {\n    println!(\"pkg: {}\", pkg.pkgname());\n}\n\n// Get a specific package from the .SRCINFO\nlet pkg = srcinfo.pkg(\"libc++\").unwrap();\nprintln!(\"pkg: {}\", pkg.pkgname());\n\n// Get the architectures of the package (may differ from the global architecture)\nfor arch in pkg.arch() {\n    println!(\"{} arch: {}\", pkg.pkgname(), arch);\n}\n\n// Get the depends of an x86_64 system\n// This includes the `depends` and `depends_x86_64` fields\nfor depend in pkg.depends().arch(\"x86_64\") {\n    println!(\"depend: {}\", depend);\n}\n\n// Convert the .SRCINFO back into a string\n// the new sring will semanticly match the original .SRCINFO\n// but field order and whitespace will change, comments will be removed\nlet srcinfo = srcinfo.to_string();\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmorganamilo%2Fsrcinfo.rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmorganamilo%2Fsrcinfo.rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmorganamilo%2Fsrcinfo.rs/lists"}