{"id":13848478,"url":"https://github.com/qos-ch/logback","last_synced_at":"2026-02-14T22:07:57.951Z","repository":{"id":641410,"uuid":"283325","full_name":"qos-ch/logback","owner":"qos-ch","description":"The reliable, generic, fast and flexible logging framework for Java.","archived":false,"fork":false,"pushed_at":"2025-07-25T21:00:04.000Z","size":30161,"stargazers_count":3150,"open_issues_count":321,"forks_count":1321,"subscribers_count":144,"default_branch":"master","last_synced_at":"2025-09-05T15:58:01.362Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://logback.qos.ch","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/qos-ch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"tidelift":"maven/ch.qos.logback:logback-classic","github":"qos-ch"}},"created_at":"2009-08-20T18:48:24.000Z","updated_at":"2025-09-03T13:53:49.000Z","dependencies_parsed_at":"2023-09-27T19:52:25.639Z","dependency_job_id":"363b1859-cc1c-4853-8a4c-ac714faa955c","html_url":"https://github.com/qos-ch/logback","commit_stats":{"total_commits":4333,"total_committers":155,"mean_commits":"27.954838709677418","dds":0.3090237710593122,"last_synced_commit":"49f0638512cb1fc51f634ef4f972d25d34a9565b"},"previous_names":[],"tags_count":146,"template":false,"template_full_name":null,"purl":"pkg:github/qos-ch/logback","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qos-ch%2Flogback","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qos-ch%2Flogback/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qos-ch%2Flogback/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qos-ch%2Flogback/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/qos-ch","download_url":"https://codeload.github.com/qos-ch/logback/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qos-ch%2Flogback/sbom","scorecard":{"id":754418,"data":{"date":"2025-08-11","repo":{"name":"github.com/qos-ch/logback","commit":"a07cfd53e4a3122dc83c4ad36b96f6f6fc78375c"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:21","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Code-Review","score":0,"reason":"Found 1/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":4,"reason":"1 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: invalid parameter name: logback-examples/src/main/resources/setClasspath.sh:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/qos-ch/logback/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/qos-ch/logback/main.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 1 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T21:12:23.594Z","repository_id":641410,"created_at":"2025-08-22T21:12:23.594Z","updated_at":"2025-08-22T21:12:23.594Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273833320,"owners_count":25176280,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T19:00:50.299Z","updated_at":"2026-02-14T22:07:57.945Z","avatar_url":"https://github.com/qos-ch.png","language":"Java","readme":"\n# About logback\n\nThank you for your interest in logback, the reliable, generic, fast\nand flexible logging library for Java.\n\nThe Logback documentation can be found on the [project\nweb-site](https://logback.qos.ch/documentation.html) as well as under\nthe docs/ folder of the logback distribution.\n\n## On the 1.5.x series\n\nThe 1.5.x series is a direct descendant of and a drop-in replacement\nfor the 1.4.x series. It differs from the 1.4.x series by the\nrelocation of the logback-access module which was moved to its [own\nseparate github repository](https://github.com/qos-ch/logback-access).\n\nHere is a summary of 1.5.x dependencies:\n\n|Logback version   |github branch   |SLF4J version  | JDK at runtime | JDK during build | Enterprise Edition (optional)|\n|:---------------:|:--------:|:---------:|:-------:|:--------:|------------------------------|\n| 1.5.x            | master         | 2.0.x         | 11             | 21            | Jakarta EE (jakarta.* namespace)|\n\n# Building logback\n\nVersion 1.5.x requires Java 21 to compile and build.\n\nMore details on building logback is documented at:\n\n  https://logback.qos.ch/setup.html#ide\n\n# In case of problems\n\nIn case of problems please do not hesitate to post an e-mail message\non the logback-user@qos.ch mailing list. You may also post message on the \n[github discussions](https://github.com/qos-ch/logback/discussions) forum. \nHowever, please do not directly e-mail logback developers. \nThe answer to your question might be useful to other users. Moreover, \nthere are many knowledgeable users on the logback-user mailing lists \nwho can quickly answer your questions.\n\n# Urgent issues\n\nFor urgent issues do not hesitate to [champion a\nrelease](https://github.com/sponsors/qos-ch/sponsorships?tier_id=543501).\nIn principle, most championed issues are solved within 3 business days\nfollowed up by a release.\n\n# Pull requests\n\nIf you are interested in improving logback, that is great! The logback \ncommunity looks forward to your contribution. Please follow this process:\n\n1. Fork qos-ch/logback. Ideally, create a new branch from your fork for\n   your contribution to make it easier to merge your changes back.\n\n2. Make the effort to explain the aim of your proposed change.\n\n3. Make your changes on the branch you hopefully created in Step 2. Be\n   sure that your code passes existing unit tests.\n\n4. Please add unit tests for your work if appropriate. It usually is.\n\n5. Push your changes to your fork/branch in GitHub. Don't push it to\n   your master! If you do it will make it harder to submit new changes\n   later.\n\n6. Submit a pull request to logback from your commit page on GitHub.\n   All commits must have signed off by the contributor attesting to\n  [Developer Certificate of Origin (DCO)](https://developercertificate.org/).\n  Commits without sign off will be automatically rejected by the [DCO GitHub\n  check](https://probot.github.io/apps/dco/) application.\n\n7. Do not forget to explain your proposed changes.\n\n\u003c!--\n# Continuous integration build status\n\n| Branch | Last results |\n| ------ | -------------|\n| master | ![CI master](https://github.com/qos-ch/logback/actions/workflows/main.yml/badge.svg) |\n--\u003e\n\n\n","funding_links":["https://tidelift.com/funding/github/maven/ch.qos.logback:logback-classic","https://github.com/sponsors/qos-ch","https://github.com/sponsors/qos-ch/sponsorships?tier_id=543501"],"categories":["Java","I. Development","日志库"],"sub_categories":["6. Useful libraries"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqos-ch%2Flogback","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqos-ch%2Flogback","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqos-ch%2Flogback/lists"}