{"id":15021145,"url":"https://github.com/powershell/openssh-portable","last_synced_at":"2025-10-02T06:32:36.663Z","repository":{"id":38455161,"uuid":"72603626","full_name":"PowerShell/openssh-portable","owner":"PowerShell","description":"Portable OpenSSH, all Win32-OpenSSH releases and wiki are managed at https://github.com/powershell/Win32-OpenSSH","archived":false,"fork":true,"pushed_at":"2025-09-30T19:12:54.000Z","size":54108,"stargazers_count":1919,"open_issues_count":10,"forks_count":346,"subscribers_count":91,"default_branch":"latestw_all","last_synced_at":"2025-09-30T21:13:06.280Z","etag":null,"topics":["openssh","openssh-server","win32","windows"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"openssh/openssh-portable","license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PowerShell.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":"audit-bsm.c","citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null}},"created_at":"2016-11-02T04:18:48.000Z","updated_at":"2025-09-30T19:13:37.000Z","dependencies_parsed_at":"2023-10-17T00:14:13.524Z","dependency_job_id":null,"html_url":"https://github.com/PowerShell/openssh-portable","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/PowerShell/openssh-portable","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PowerShell%2Fopenssh-portable","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PowerShell%2Fopenssh-portable/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PowerShell%2Fopenssh-portable/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PowerShell%2Fopenssh-portable/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PowerShell","download_url":"https://codeload.github.com/PowerShell/openssh-portable/tar.gz/refs/heads/latestw_all","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PowerShell%2Fopenssh-portable/sbom","scorecard":{"id":111728,"data":{"date":"2025-08-11","repo":{"name":"github.com/PowerShell/openssh-portable","commit":"139a1b413d70f1cfd1c88c729c31da72cd8826fa"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.6,"checks":[{"name":"Maintained","score":2,"reason":"3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/c-cpp.yml:1","Warn: no topLevel permission defined: .github/workflows/cifuzz.yml:1","Warn: no topLevel permission defined: .github/workflows/selfhosted.yml:1","Warn: no topLevel permission defined: .github/workflows/upstream.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: regress/pesterTests/utilities/askpass_util/askpass_util.exe:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENCE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":6,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'latestw_all'","Info: 'force pushes' disabled on branch 'latestw_all'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'latestw_all'","Warn: 'stale review dismissal' is disabled on branch 'latestw_all'","Warn: required approving review count is 1 on branch 'latestw_all'","Warn: codeowners review is required - but no codeowners file found in repo","Info: 'last push approval' is required to merge on branch 'latestw_all'","Warn: no status checks found to merge onto branch 'latestw_all'","Info: PRs are required in order to make changes on branch 'latestw_all'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/c-cpp.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/c-cpp.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/c-cpp.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/c-cpp.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/c-cpp.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/c-cpp.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/c-cpp.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/c-cpp.yml/latestw_all?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cifuzz.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/cifuzz.yml/latestw_all?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cifuzz.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/cifuzz.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cifuzz.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/cifuzz.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/selfhosted.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/selfhosted.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/selfhosted.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/selfhosted.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upstream.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/upstream.yml/latestw_all?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upstream.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/PowerShell/openssh-portable/upstream.yml/latestw_all?enable=pin","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-15T12:25:36.711Z","repository_id":38455161,"created_at":"2025-08-15T12:25:36.711Z","updated_at":"2025-08-15T12:25:36.711Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":277968828,"owners_count":25907418,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-02T02:00:08.890Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openssh","openssh-server","win32","windows"],"created_at":"2024-09-24T19:56:11.492Z","updated_at":"2025-10-02T06:32:36.653Z","avatar_url":"https://github.com/PowerShell.png","language":"C","readme":"See https://www.openssh.com/releasenotes.html#10.0p1 for the release\nnotes.\n\nPlease read https://www.openssh.com/report.html for bug reporting\ninstructions and note that we do not use Github for bug reporting.\n\nThis is the port of OpenBSD's excellent OpenSSH[0] to Linux and other\nUnices.\n\nOpenSSH is based on the last free version of Tatu Ylonen's sample\nimplementation with all patent-encumbered algorithms removed (to external\nlibraries), all known security bugs fixed, new features reintroduced and\nmany other clean-ups.  OpenSSH was created by Aaron Campbell, Bob Beck,\nMarkus Friedl, Niels Provos, Theo de Raadt, and Dug Song, and has been\ndeveloped and maintained by Andre Lucas, Ben Lindstom, Damien Miller,\nDarren Tucker and Tim Rice. It has a homepage at https://www.openssh.com/\n\nThis port consists of the re-introduction of autoconf support, PAM\nsupport, EGD/PRNGD support and replacements for OpenBSD library\nfunctions that are (regrettably) absent from other unices. This port\nhas been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,\nFreeBSD, NetBSD, OpenBSD, OpenServer, Solaris and UnixWare.\n\nThis version actively tracks changes in the OpenBSD CVS repository.\n\nThere is now several mailing lists for this port of OpenSSH. Please\nrefer to https://www.openssh.com/list.html for details on how to join.\n\nPlease send bug reports and patches to https://bugzilla.mindrot.org or\nthe mailing list openssh-unix-dev@mindrot.org.  To mitigate spam, the\nlist only allows posting from subscribed addresses.  Code contribution\nare welcomed, but please follow the OpenBSD style guidelines[1].\n\nPlease refer to the INSTALL document for information on dependencies and\nhow to install OpenSSH on your system.\n\nDamien Miller \u003cdjm@mindrot.org\u003e\n\nMiscellania -\n\nThis version of OpenSSH is based upon code retrieved from the OpenBSD CVS\nrepository which in turn was based on the last free sample implementation\nreleased by Tatu Ylonen.\n\nReferences -\n\n[0] https://www.openssh.com/\n[1] https://man.openbsd.org/style.9\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpowershell%2Fopenssh-portable","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpowershell%2Fopenssh-portable","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpowershell%2Fopenssh-portable/lists"}