{"id":13468765,"url":"https://github.com/pypyr/pypyr","last_synced_at":"2026-02-19T07:03:23.050Z","repository":{"id":39749563,"uuid":"86060799","full_name":"pypyr/pypyr","owner":"pypyr","description":"pypyr task-runner cli \u0026 api for automation pipelines. Automate anything by combining commands, different scripts in different languages \u0026 applications into one pipeline process.","archived":false,"fork":false,"pushed_at":"2023-12-19T22:25:16.000Z","size":1388,"stargazers_count":637,"open_issues_count":16,"forks_count":28,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-10-21T20:43:24.575Z","etag":null,"topics":["automation","cd","ci","ci-cd","continuous-deployment","continuous-integration","devops","pipeline","pipeline-processor","pipeline-runner","pipelines","pipelines-yaml","python","script","script-loader","task-manager","task-runner","taskrunner","tool"],"latest_commit_sha":null,"homepage":"https://pypyr.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pypyr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-03-24T11:26:15.000Z","updated_at":"2025-10-18T17:30:25.000Z","dependencies_parsed_at":"2022-09-05T15:30:10.713Z","dependency_job_id":"d76b7093-f786-429f-b399-1b941fe59292","html_url":"https://github.com/pypyr/pypyr","commit_stats":{"total_commits":637,"total_committers":9,"mean_commits":70.77777777777777,"dds":0.3751962323390895,"last_synced_commit":"bc1a53043700738b1269b2f8a5ff019ec818a676"},"previous_names":[],"tags_count":95,"template":false,"template_full_name":null,"purl":"pkg:github/pypyr/pypyr","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pypyr%2Fpypyr","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pypyr%2Fpypyr/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pypyr%2Fpypyr/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pypyr%2Fpypyr/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pypyr","download_url":"https://codeload.github.com/pypyr/pypyr/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pypyr%2Fpypyr/sbom","scorecard":{"id":751746,"data":{"date":"2025-08-11","repo":{"name":"github.com/pypyr/pypyr","commit":"b3e8f8c6063c11e37c1c762b89b4cd8620460c79"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.8,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/lint-test-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/publish.yaml:1","Warn: no topLevel permission defined: .github/workflows/tag-release.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 1/18 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test-build.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/lint-test-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test-build.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/lint-test-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-test-build.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/lint-test-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-test-build.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/lint-test-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/publish.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/publish.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag-release.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/tag-release.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag-release.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/tag-release.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tag-release.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/pypyr/pypyr/tag-release.yaml/main?enable=pin","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T20:34:13.880Z","repository_id":39749563,"created_at":"2025-08-22T20:34:13.880Z","updated_at":"2025-08-22T20:34:13.880Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29605810,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T06:47:36.664Z","status":"ssl_error","status_checked_at":"2026-02-19T06:45:47.551Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","cd","ci","ci-cd","continuous-deployment","continuous-integration","devops","pipeline","pipeline-processor","pipeline-runner","pipelines","pipelines-yaml","python","script","script-loader","task-manager","task-runner","taskrunner","tool"],"created_at":"2024-07-31T15:01:18.663Z","updated_at":"2026-02-19T07:03:23.031Z","avatar_url":"https://github.com/pypyr.png","language":"Python","funding_links":[],"categories":["Python","automation","Infrastructure \u0026 DevOps","devops"],"sub_categories":[],"readme":"![pypyr task runner for automation pipelines](https://pypyr.io/images/2x1/pypyr-taskrunner-yaml-pipeline-automation-1200x600.1bd2401e4f8071d85bcb1301128e4717f0f54a278e91c9c350051191de9d22c0.png)\n\n# pypyr automation task runner\nAll documentation is here: \u003chttps://pypyr.io/\u003e\n\n[![build status](https://github.com/pypyr/pypyr/workflows/lint-test-build/badge.svg?branch=main)](https://github.com/pypyr/pypyr/actions)\n[![coverage status](https://codecov.io/gh/pypyr/pypyr/branch/main/graph/badge.svg)](https://codecov.io/gh/pypyr/pypyr)\n[![pypi version](https://badge.fury.io/py/pypyr.svg)](https://pypi.python.org/pypi/pypyr/)\n[![apache 2.0 license](https://img.shields.io/github/license/pypyr/pypyr)](https://opensource.org/licenses/Apache-2.0)\n\n*pypyr*\n\n\u003e   pronounce how you like, but I generally say *piper* as in \"piping\n    down the valleys wild\"\n\npypyr is a free \u0026 open-source task-runner that lets you define and run\nsequential steps in a pipeline.\n\nLike a turbo-charged shell script, but less finicky. Less annoying than\na makefile.\n\npypyr runs pipelines defined in yaml. A pipeline is pretty much anything\nyou want to automate with a sequence of steps.\n\nAutomate anything by combining commands, different scripts in different\nlanguages \u0026 applications into one pipeline process.\n\nYou can run loops, conditionally execute steps based on conditions you\nspecify, wait for status changes before continuing, break on failure\nconditions or swallow errors. Pretty useful for orchestrating continuous\nintegration, continuous deployment \u0026 devops operations.\n\npypyr gives you simple variable substitution \u0026 configuration file\nmanagement so you can read, merge and write configuration files to and\nfrom yaml, json or just text.\n\n## Installation\n\n```console\n$ pip install --upgrade pypyr\n```\n\nTested against Python \\\u003e=3.7\n\npypyr runs on Linux, MacOS \u0026 Windows. pypyr also runs fine on CI servers \u0026\ncontainers - pretty much anywhere with a Python run-time will work.\n\n## Usage\n### This is a pipeline\nExample pipeline that runs a sequence of steps and takes an optional\ncustom cli input argument:\n\n```yaml\n# ./show-me-what-you-got.yaml\ncontext_parser: pypyr.parser.keyvaluepairs\nsteps:\n  - name: pypyr.steps.echo\n    in:\n      echoMe: o hai!\n  - name: pypyr.steps.cmd\n    in:\n      cmd: echo any cmd you like\n  - name: pypyr.steps.shell\n    in:\n      cmd: echo ninja shell power | grep '^ninja.*r$' \n  - name: pypyr.steps.py\n    in:\n      py: print('any python you like')\n  - name: pypyr.steps.cmd\n    while:\n      max: 3\n    in:\n      cmd: echo gimme a {whileCounter}\n  - name: pypyr.steps.cmd\n    foreach: [once, twice, thrice]\n    in:\n      cmd: echo say {i}\n  - name: pypyr.steps.default\n    in:\n      defaults:\n        sayBye: False\n  - name: pypyr.steps.echo\n    run: '{sayBye}'\n    in:\n      echoMe: k bye!\n```\n\n### This is how you run a pipeline\nThis is what happens when you run this pipeline:\n\n```console\n$ pypyr show-me-what-you-got\no hai!\nany cmd you like\nninja shell power\nany python you like\ngimme a 1\ngimme a 2\ngimme a 3\nsay once\nsay twice\nsay thrice\n\n$ pypyr show-me-what-you-got sayBye=true  \no hai!\nany cmd you like\nninja shell power\nany python you like\ngimme a 1\ngimme a 2\ngimme a 3\nsay once\nsay twice\nsay thrice\nk bye!\n```\n\n## Help!\nDon't Panic! Check the [pypyr technical docs](https://pypyr.io/docs/)\nto begin. For help, community \u0026 talk, check [pypyr\ntwitter](https://twitter.com/pypyrpipes/), or join the chat at the \n[pypyr community discussion forum](https://github.com/pypyr/pypyr/discussions)!\n\n## Contribute\n### Developers\nFor information on how to help with pypyr, run tests and coverage,\nplease do check out the [contribution guide](CONTRIBUTING.md).\n\n### Bugs\nWell, you know. No one's perfect. Feel free to [create an\nissue](https://github.com/pypyr/pypyr/issues/new).\n\n## License\npypyr is free \u0026 open-source software distributed under the Apache 2.0 License.\n\nPlease see [LICENSE file](LICENSE) in the root of the repo..\n\nCopyright 2017 the pypyr contributors.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpypyr%2Fpypyr","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpypyr%2Fpypyr","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpypyr%2Fpypyr/lists"}