{"id":13546516,"url":"https://github.com/performancecopilot/pcp","last_synced_at":"2026-04-02T18:39:35.293Z","repository":{"id":19770800,"uuid":"23028937","full_name":"performancecopilot/pcp","owner":"performancecopilot","description":"Performance Co-Pilot","archived":false,"fork":false,"pushed_at":"2026-03-29T23:15:15.000Z","size":197877,"stargazers_count":1053,"open_issues_count":166,"forks_count":262,"subscribers_count":47,"default_branch":"main","last_synced_at":"2026-03-30T01:32:39.885Z","etag":null,"topics":["analysis","distributed","graph","lightweight","metrics","monitoring","performance","timeseries"],"latest_commit_sha":null,"homepage":"https://pcp.io","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/performancecopilot.png","metadata":{"files":{"readme":"README.github","changelog":"CHANGELOG","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"COPYING","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":"https://hcb.hackclub.com/donations/start/pcp"}},"created_at":"2014-08-16T23:06:22.000Z","updated_at":"2026-03-29T23:15:16.000Z","dependencies_parsed_at":"2023-01-16T21:46:14.369Z","dependency_job_id":"6af050b2-cdc5-4d25-a0c8-33e0fb5e40b6","html_url":"https://github.com/performancecopilot/pcp","commit_stats":{"total_commits":27384,"total_committers":246,"mean_commits":111.3170731707317,"dds":0.7380222027461292,"last_synced_commit":"2a56acb84181025724d62445053223c2207d850a"},"previous_names":[],"tags_count":259,"template":false,"template_full_name":null,"purl":"pkg:github/performancecopilot/pcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/performancecopilot%2Fpcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/performancecopilot%2Fpcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/performancecopilot%2Fpcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/performancecopilot%2Fpcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/performancecopilot","download_url":"https://codeload.github.com/performancecopilot/pcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/performancecopilot%2Fpcp/sbom","scorecard":{"id":125411,"data":{"date":"2025-08-04","repo":{"name":"github.com/performancecopilot/pcp","commit":"b4e1ac87040f12990c30a853221299cde3c2b4c4"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":6.5,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Code-Review","score":1,"reason":"Found 3/20 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:17","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/main.yml:21","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/coverity.yml:1","Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/qa.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:12","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: Passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: COPYING:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/main.yml:16"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: CLibFuzzer integration found: vendor/github.com/libbpf/bpftool/libbpf/fuzz/bpf-object-fuzzer.c:8"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":8,"reason":"binaries present in source code","details":["Warn: binary detected: qa/java/TestUnit.class:1","Warn: binary detected: qa/java/USDTJVMTest.class:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (15) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: 10: qa/1620:0","Info: Possibly incomplete results: error parsing shell code: reached $ without matching (( with )): qa/551:0","Info: Possibly incomplete results: error parsing shell code: / must be followed by an expression: qa/linux/mk.uuid:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverity.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/coverity.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qa.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/qa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/performancecopilot/pcp/release.yml/main?enable=pin","Warn: containerImage not pinned by hash: build/containers/archive-analysis/Dockerfile:3","Warn: containerImage not pinned by hash: build/containers/archive-analysis/Dockerfile:23: pin your Docker image by updating quay.io/fedora/fedora:latest to quay.io/fedora/fedora:latest@sha256:4268e9b12cf0a8df98a4bcc514daffdacb02073637e358fb8596d6c8905b4e0a","Warn: containerImage not pinned by hash: build/containers/pcp/Dockerfile:2","Warn: containerImage not pinned by hash: build/containers/pcp/Dockerfile:27: pin your Docker image by updating quay.io/fedora/fedora:latest to quay.io/fedora/fedora:latest@sha256:4268e9b12cf0a8df98a4bcc514daffdacb02073637e358fb8596d6c8905b4e0a","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:58","Warn: pipCommand not pinned by hash: .github/workflows/qa.yml:58","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:45","Info:   0 out of  25 GitHub-owned GitHubAction dependencies pinned","Info:   3 out of   3 third-party GitHubAction dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned","Info:   0 out of   3 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-16T03:42:03.774Z","repository_id":19770800,"created_at":"2025-08-16T03:42:03.774Z","updated_at":"2025-08-16T03:42:03.774Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31313120,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analysis","distributed","graph","lightweight","metrics","monitoring","performance","timeseries"],"created_at":"2024-08-01T12:00:39.286Z","updated_at":"2026-04-02T18:39:35.277Z","avatar_url":"https://github.com/performancecopilot.png","language":"C","readme":"A Possible github Workflow\n--------------------------\n\nThese notes describe how Ken does development and integration with\nthe PCP repos on github.\n\nIt may work for others, or perhaps someone with a deeper knowledge\nof git and github can suggest a better way.\n\nFirst, a long time ago, I forked https://github.com/performancecopilot/pcp\non github to make my PCP tree at https://github.com/kmcdonell/pcp.\n\nThen on my main local machine (bozo) I cloned my github PCP tree into\n~kenj/src/pcp and this is where all my development and git commits\nare done [actually there is another machine bozo-vm that is sort of\na mirror of bozo, but that's not relevant for this discussion].\n\nAnd finally a cloned my github PCP tree to make a bare git tree at\n~kenj/git-mirror/pcp.git on bozo and all the VMs in the QA Farm git\npull from there (this one is a local git cache to conserve my internet\ntraffic between my home and github).\n\nSo there are 4 repos in play:\n[0] https://github.com/performancecopilot/pcp (the official one)\n[1] https://github.com/kmcdonell/pcp (my staging area for new commits)\n[2] ~kenj/src/pcp on bozo\n[3] ~kenj/git-mirror/pcp.git on bozo\n\nTask 1: updating my trees to pull changes from the official PCP repo\n--------------------------------------------------------------------\n\nSo, we want all the latest commits from [0] included in [1], [2] and\n[3].\n\nFirst we need to pull from [0] into [2], but only if [2] is on the\nmaster branch and contains no commits that have not already been\npushed to [1] and [3].  The script below does this after ensuring\nthe preconditions are met.\n\n    $ scripts/pcp-refresh\n\nNow do Task 2 (below) to push any new commits from [2] to [1] and [3].\n\nTask 2: pushing commits from my staging area into my other repos\n----------------------------------------------------------------\n\nBecause [2] and [3] drive the QA, I need/want to test changes before\nasking others to review and merge.  So, I make changes in the master\nbranch and commit in [2], and then these commits need to be pushed to\n[3] and this is done via [1].\n\n    $ scripts/pcp-push -m\n    Push to git@github.com:.../pcp.git master [y|n|q] (or ctrl+C to abort)\n    [reply y]\n\nthe -m is important for pcp-push, because we don't want to do any of\nthe github pull request steps yet.\n\nTask 3: pushing my commits to the official repo\n-----------------------------------------------\n\nFirst, make sure my repos are up to date, see Task 1 above.\n\nNext make a new branch as the base for a batch of changes.\n\n    $ scripts/new-branch\n\nalthough the new branch \u003cdatestamp\u003e has been created, we end up back\non the master branch where all the commits are done.\n\nAfter some amount of changes, debugging, QA and committing (on the\nmaster branch) we're ready to initiate a github pull request.\n\n    $ git checkout \u003cdatestamp\u003e \t# \u003cdatestamp\u003e from earlier scripts/new-branch\n    $ git pull . master\n    $ scripts/pcp-push\n    Push to git@github.com:.../pcp.git \u003cdatestamp\u003e [y|n|q] (or ctrl+C to abort)\n    [reply y]\n    Pull request title: [n|q|title]\n    [reply with a meaningful title for your pull request]\n\nThis will also (silently), update [3] if it exists, checkout the\nmaster branch and delete the \u003cdatestamp\u003e branch.\n\nBells and Whistles\n------------------\n\nscripts/pcp-push and scripts/new-branch have a -n option for a dry\nrun to see what would be done, without changing anything.\n","funding_links":["https://hcb.hackclub.com/donations/start/pcp"],"categories":["C"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperformancecopilot%2Fpcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fperformancecopilot%2Fpcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fperformancecopilot%2Fpcp/lists"}