{"id":13455271,"url":"https://github.com/projen/projen","last_synced_at":"2026-04-02T14:37:28.398Z","repository":{"id":37010843,"uuid":"262943932","full_name":"projen/projen","owner":"projen","description":"Rapidly build modern applications with advanced configuration management","archived":false,"fork":false,"pushed_at":"2026-01-26T09:56:02.000Z","size":32780,"stargazers_count":2893,"open_issues_count":251,"forks_count":401,"subscribers_count":25,"default_branch":"main","last_synced_at":"2026-01-26T23:58:35.478Z","etag":null,"topics":["aws-cdk","cdk","constructs","generator","hacktoberfest","jsii","repository-management","repository-tools","scaffolding","templates","typescript"],"latest_commit_sha":null,"homepage":"https://projen.io","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/projen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2020-05-11T05:07:24.000Z","updated_at":"2026-01-26T09:44:57.000Z","dependencies_parsed_at":"2025-12-17T00:07:22.365Z","dependency_job_id":null,"html_url":"https://github.com/projen/projen","commit_stats":{"total_commits":2282,"total_committers":177,"mean_commits":"12.892655367231638","dds":0.7892199824715163,"last_synced_commit":"bc4e5502562546660447b20f44fc811fe202dfc0"},"previous_names":[],"tags_count":2072,"template":false,"template_full_name":null,"purl":"pkg:github/projen/projen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projen%2Fprojen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projen%2Fprojen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projen%2Fprojen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projen%2Fprojen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/projen","download_url":"https://codeload.github.com/projen/projen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/projen%2Fprojen/sbom","scorecard":{"id":427229,"data":{"date":"2025-08-11","repo":{"name":"github.com/projen/projen","commit":"cc6ca2910202ce178868918ffdcff933c92ba112"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.6,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/auto-queue.yml:16","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:190","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build.yml:218","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build.yml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:44","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:78","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:116","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:153","Info: found token with 'none' permissions: .github/workflows/check-licenses.yml:1","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/pull-request-lint.yml:35","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:16","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:76","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:116","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:172","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:234","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:291","Info: jobLevel 'contents' permission set to 'read': .github/workflows/upgrade-bundled-main.yml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/upgrade-bundled-main.yml:48","Info: jobLevel 'contents' permission set to 'read': .github/workflows/upgrade-main.yml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/upgrade-main.yml:48","Warn: no topLevel permission defined: .github/workflows/auto-approve.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-queue.yml:1","Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/check-licenses.yml:1","Warn: no topLevel permission defined: .github/workflows/publish-docs.yml:1","Warn: no topLevel permission defined: .github/workflows/pull-request-lint.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/upgrade-bundled-main.yml:1","Warn: no topLevel permission defined: .github/workflows/upgrade-main.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-approve.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/auto-approve.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-queue.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/auto-queue.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:200: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-licenses.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/check-licenses.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/publish-docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/publish-docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/publish-docs.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request-lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/pull-request-lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request-lint.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/pull-request-lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:299: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:303: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:239: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:242: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:254: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:279: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bundled-main.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-bundled-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-main.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/projen/projen/upgrade-main.yml/main?enable=pin","Warn: pipCommand not pinned by hash: scripts/python-compat.sh:19","Info:   0 out of  60 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  12 third-party GitHubAction dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T02:29:36.548Z","repository_id":37010843,"created_at":"2025-08-19T02:29:36.548Z","updated_at":"2025-08-19T02:29:36.548Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28877052,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-29T10:31:27.438Z","status":"ssl_error","status_checked_at":"2026-01-29T10:31:01.017Z","response_time":59,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-cdk","cdk","constructs","generator","hacktoberfest","jsii","repository-management","repository-tools","scaffolding","templates","typescript"],"created_at":"2024-07-31T08:01:03.241Z","updated_at":"2026-02-21T00:23:51.975Z","avatar_url":"https://github.com/projen.png","language":"TypeScript","readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://projen.io\"\u003e\n    \u003cimg src=\"https://raw.githubusercontent.com/projen/projen/main/logo/projen.svg\"\u003e\n    \u003ch3 align=\"center\"\u003eprojen\u003c/h3\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  Define and maintain complex project configuration through code.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://projen.io/\"\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/a\u003e ·\n  \u003ca href=\"https://github.com/projen/projen/releases\"\u003e\u003cstrong\u003eChangelog\u003c/strong\u003e\u003c/a\u003e ·\n  \u003ca href=\"#project-types\"\u003e\u003cstrong\u003eProject types\u003c/strong\u003e\u003c/a\u003e ·\n  \u003ca href=\"#community\"\u003e\u003cstrong\u003eJoin the community\u003c/strong\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://opensource.org/licenses/Apache-2.0\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-Apache%202.0-yellowgreen.svg\" alt=\"Apache 2.0 License\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://gitpod.io/#https://github.com/projen/projen\"\u003e\u003cimg src=\"https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod\" alt=\"Gitpod ready-to-code\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/projen/projen/actions/workflows/release.yml\"\u003e\u003cimg src=\"https://github.com/projen/projen/actions/workflows/release.yml/badge.svg\" alt=\"Release badge\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/projen/projen/commits/main\"\u003e\u003cimg src=\"https://img.shields.io/github/commit-activity/w/projen/projen\" alt=\"Commit activity\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cbr/\u003e\n\n*projen* synthesizes project configuration files such as `package.json`,\n`tsconfig.json`, `.gitignore`, GitHub Workflows, eslint, jest, etc. from a\nwell-typed definition written in JavaScript.\n\nAs opposed to existing templating/scaffolding tools, *projen* is not a one-off\ngenerator. Synthesized files should never be manually edited (in fact, projen\nenforces that). To modify your project setup, users interact with rich\nstrongly-typed class and execute `projen` to update their project configuration\nfiles.\n\nBy defining a custom project type and using projen in multiple repositories, it's\npossible to update configuration files and CI/CD workflows across dozens (or\nhundreds!?) of projects.\n\nCheck out [this talk](https://youtu.be/SOWMPzXtTCw) about projen from its creator.\n\n## Getting Started\n\n*projen* doesn't need to be installed. You will be using [npx](https://docs.npmjs.com/cli/v7/commands/npx) to run *projen* which takes care of all required setup steps.\n\nTo create a new project, run the following command and follow the instructions:\n\n```console\n$ mkdir my-project\n$ cd my-project\n$ npx projen new PROJECT-TYPE\n🤖 Synthesizing project...\n...\n```\n\n### Project types\n\nCurrently supported project types (use `npx projen new` without a type for a\nfull list):\n\n**Built-in:** (run `npx projen new \u003ctype\u003e`)\n\n\u003c!-- \u003cmacro exec=\"node ./scripts/readme-projects.js\"\u003e --\u003e\n* [awscdk-app-java](https://projen.io/docs/api/awscdk#awscdkjavaapp-) - AWS CDK app in Java.\n* [awscdk-app-py](https://projen.io/docs/api/awscdk#awscdkpythonapp-) - AWS CDK app in Python.\n* [awscdk-app-ts](https://projen.io/docs/api/awscdk#awscdktypescriptapp-) - AWS CDK app in TypeScript.\n* [awscdk-construct](https://projen.io/docs/api/awscdk#awscdkconstructlibrary-) - AWS CDK construct library project.\n* [cdk8s-app-py](https://projen.io/docs/api/cdk8s#cdk8spythonapp-) - CDK8s app in Python.\n* [cdk8s-app-ts](https://projen.io/docs/api/cdk8s#cdk8stypescriptapp-) - CDK8s app in TypeScript.\n* [cdk8s-construct](https://projen.io/docs/api/cdk8s#constructlibrarycdk8s-) - CDK8s construct library project.\n* [cdktf-construct](https://projen.io/docs/api/cdktf#constructlibrarycdktf-) - CDKTF construct library project.\n* [java](https://projen.io/docs/api/java#javaproject-) - Java project.\n* [jsii](https://projen.io/docs/api/cdk#jsiiproject-) - Multi-language jsii library project.\n* [nextjs](https://projen.io/docs/api/web#nextjsproject-) - Next.js project using JavaScript.\n* [nextjs-ts](https://projen.io/docs/api/web#nextjstypescriptproject-) - Next.js project using TypeScript.\n* [node](https://projen.io/docs/api/javascript#nodeproject-) - Node.js project.\n* [project](https://projen.io/docs/api/projen#project-) - Base project.\n* [python](https://projen.io/docs/api/python#pythonproject-) - Python project.\n* [react](https://projen.io/docs/api/web#reactproject-) - React project using JavaScript.\n* [react-ts](https://projen.io/docs/api/web#reacttypescriptproject-) - React project using TypeScript.\n* [typescript](https://projen.io/docs/api/typescript#typescriptproject-) - TypeScript project.\n* [typescript-app](https://projen.io/docs/api/typescript#typescriptappproject-) - TypeScript app.\n\u003c!-- \u003c/macro\u003e --\u003e\n\n**External:** (run `npx projen new --from \u003ctype\u003e`)\n\n* [projen-github-action-typescript](https://github.com/projen/projen-github-action-typescript/blob/main/API.md) - GitHub Action in TypeScript project.\n\n\u003e Use `npx projen new PROJECT-TYPE --help` to view a list of command line\n\u003e switches that allows you to specify most project options during bootstrapping.\n\u003e For example: `npx projen new jsii --author-name \"Jerry Berry\"`.\n\nThe `new` command will create a `.projenrc.js` file which looks like this for\n`jsii` projects:\n\n```js\nconst { JsiiProject } = require('projen');\n\nconst project = new JsiiProject({\n  authorAddress: \"elad.benisrael@gmail.com\",\n  authorName: \"Elad Ben-Israel\",\n  name: \"foobar\",\n  repository: \"https://github.com/eladn/foobar.git\",\n});\n\nproject.synth();\n```\n\nThis program instantiates the project type with minimal setup, and then calls\n`synth()` to synthesize the project files. By default, the `new` command will\nalso execute this program, which will result in a fully working project.\n\nOnce your project is created, you can configure your project by editing\n`.projenrc.js` and re-running `npx projen` to synthesize again.\n\n\u003e The files generated by *projen* are considered an \"implementation detail\" and\n\u003e *projen* protects them from being manually edited (most files are marked\n\u003e read-only, and an \"anti tamper\" check is configured in the CI build workflow\n\u003e to ensure that files are not updated during build).\n\nFor example, to setup PyPI publishing in `jsii` projects, you can use\n[`publishToPypi option`](https://projen.io/publisher.html):\n\n```js\nconst project = new JsiiProject({\n  // ...\n  publishToPypi: {\n    distName: \"mydist\",\n    module: \"my_module\",\n  }\n});\n```\n\nRun:\n\n```shell\nnpx projen\n```\n\nAnd you'll notice that your `package.json` file now contains a `python` section in\nits `jsii` config and the GitHub `release.yml` workflow includes a PyPI\npublishing step.\n\nWe recommend to put this in your shell profile, so you can simply run `pj` every\ntime you update `.projenrc.js`:\n\n```bash\nalias pj='npx projen'\n```\n\nMost projects come with an assortment of **tasks** that handle various\ndevelopment activities, from compiling to publishing. Tasks can be and composed\ntogether, and can be run as local commands or turned into GitHub workflows. You\ncan list all tasks with `npx projen --help`:\n\n```shell\n$ npx projen --help\nprojen [command]\n\nCommands:\n  projen new [PROJECT-TYPE-NAME] [OPTIONS]  Creates a new projen project\n  projen clobber                            hard resets to HEAD of origin and cleans the local repo\n  projen compile                            Only compile\n  projen test                               Run tests\n  projen build                              Full release build (test+compile)\n  projen upgrade                            upgrade dependencies (including projen)\n...\n```\n\nThe `build` task is the same task that's executed in your CI builds. It\ntypically compiles, lints, tests and packages your module for distribution.\n\n### Shell Completions\n\nIf installed as a global package, `projen` includes rich shell tab-completion support. To enable this in your shell, run:\n\n```shell\n# Bash\nprojen completion \u003e\u003e ~/.bashrc\n\n# ZSH\nprojen completion \u003e\u003e ~/.zshrc\n```\n\n## Features\n\nSome examples of features built-in to project types:\n\n* Fully synthesize `package.json`\n* Standard npm scripts like `compile`, `build`, `test`, `package`\n* eslint\n* Jest\n* jsii: compile, package, api compatibility checks, API.md\n* Bump \u0026 release scripts with CHANGELOG generation based on conventional commits\n* Automated PR builds\n* Automated releases to npm, maven, NuGet and PyPI\n* Automated dependency upgrades\n* Mergify configuration\n* LICENSE file generation\n* gitignore + npmignore management\n* Node \"engines\" support with coupling to CI build environment and @types/node\n* Anti-tamper: CI builds will fail if a synthesized file is modified manually\n\n## Documentation\n\nFor documentation including examples and a full API reference, visit \u003chttps://projen.io/\u003e.\n\n## Ecosystem\n\n*projen* takes a \"batteries included\" approach and aims to offer dozens of different project types out of\nthe box (we are just getting started). Think `projen new react`, `projen new angular`, `projen new java-maven`,\n`projen new awscdk-typescript`, `projen new cdk8s-python` (nothing in projen is tied to javascript or npm!)...\n\nAdding new project types is as simple as submitting a pull request to this repo and exporting a class that\nextends `projen.Project` (or one of its derivatives). Projen automatically discovers project types so your\ntype will immediately be available in `projen new`.\n\n### Projects in external modules\n\n*projen* is bundled with many project types out of the box, but it can also work\nwith project types and components defined in external jsii modules (the reason\nwe need jsii is because projen uses the jsii metadata to discover project types\n\u0026 options in projen new).\n\nSay we have a module in npm called `projen-vuejs` which includes a single project\ntype for vue.js:\n\n```bash\n$ npx projen new --from projen-vuejs\n```\n\nIf the referenced module includes multiple project types, the type is required.\nSwitches can also be used to specify initial values based on the project type\nAPIs. You can also use any package syntax supported by [yarn\nadd](https://classic.yarnpkg.com/en/docs/cli/add#toc-adding-dependencies) like\n`projen-vuejs@1.2.3`, `file:/path/to/local/folder`,\n`git@github.com/awesome/projen-vuejs#1.2.3`, etc.\n\n```bash\n$ npx projen new --from projen-vuejs@^2 vuejs-ts --description \"my awesome vue project\"\n```\n\nUnder the hood, `projen new` will install the `projen-vuejs` module from npm\n(version 2.0.0 and above), discover the project types in it and bootstrap the\n`vuejs-ts` project type. It will assign the value `\"my awesome vue project\"` to\nthe `description` field. If you examine your `.projenrc.js` file, you'll see\nthat `projen-vuejs` is defined as a dev dependency:\n\n```javascript\nconst { VueJsProject } = require('projen-vuejs');\n\nconst project = new VueJsProject({\n  name: 'my-vuejs-sample',\n  description: \"my awesome vue project\",\n  // ...\n  devDeps: [\n    'projen-vuejs'\n  ]\n});\n\nproject.synth();\n```\n\n## Roadmap\n\nSee [Vision](./VISION.md).\n\n## FAQ\n\n### Do I have to write my configuration in JavaScript?\n\nNot at all! JavaScript is the default, but it's also possible to write it in\nJava, Python, TypeScript, or even JSON. This is made\npossible by the [jsii](https://github.com/aws/jsii) library which allows us\nto write APIs once and generate libraries in several languages. You can choose\na different language by passing the `--projenrc-ts`, `--projenrc-py`, `--projenrc-java`, or\n`--projenrc-json` flags when running `projen new`.\n\nNote: using a `.projenrc.json` file to specify configuration only allows\naccessing a subset of the entire API - the options which are passed to the\nconstructor of each project type.\n\n### How does projen work with my IDE?\n\nprojen has an unofficial [VS Code extension]. Check it out!\n\n[VS Code extension]: https://marketplace.visualstudio.com/items?itemName=MarkMcCulloh.vscode-projen\n\n## Community\n\nThe projen community can be found within the #projen channel in the [cdk.dev]\ncommunity Slack workspace.\n\n[cdk.dev]: https://cdk.dev/\n\n## Contributions\n\nContributions of all kinds are welcome! Check out our [contributor's\nguide](./CONTRIBUTING.md) and our [code of conduct](./CODE_OF_CONDUCT.md).\n\nFor a quick start, check out a development environment:\n\n```bash\n$ git clone git@github.com:projen/projen\n$ cd projen\n$ npm ci\n$ npm run watch # compile in the background\n```\n\n### Contributors\n\nThanks goes to [our wonderful contributors](https://github.com/projen/projen/graphs/contributors)!\n\n## License\n\nDistributed under the [Apache-2.0](./LICENSE) license.\n","funding_links":[],"categories":["TypeScript","typescript","Packages","Other","Tools","aws-cdk"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojen%2Fprojen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprojen%2Fprojen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprojen%2Fprojen/lists"}