{"id":13558468,"url":"https://github.com/raster-foundry/raster-foundry","last_synced_at":"2026-01-14T02:15:00.246Z","repository":{"id":32870115,"uuid":"36464140","full_name":"raster-foundry/raster-foundry","owner":"raster-foundry","description":"The Raster Foundry web application.","archived":false,"fork":false,"pushed_at":"2022-11-07T16:36:42.000Z","size":47622,"stargazers_count":141,"open_issues_count":575,"forks_count":45,"subscribers_count":27,"default_branch":"develop","last_synced_at":"2025-04-03T13:39:02.647Z","etag":null,"topics":["earth-observation","geospatial","geospatial-processing","geotrellis","raster"],"latest_commit_sha":null,"homepage":"https://www.rasterfoundry.com","language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"volatiletech/authboss-sample","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/raster-foundry.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-05-28T20:25:45.000Z","updated_at":"2024-11-22T07:02:19.000Z","dependencies_parsed_at":"2022-06-27T02:09:06.975Z","dependency_job_id":null,"html_url":"https://github.com/raster-foundry/raster-foundry","commit_stats":null,"previous_names":[],"tags_count":167,"template":false,"template_full_name":null,"purl":"pkg:github/raster-foundry/raster-foundry","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raster-foundry%2Fraster-foundry","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raster-foundry%2Fraster-foundry/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raster-foundry%2Fraster-foundry/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raster-foundry%2Fraster-foundry/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/raster-foundry","download_url":"https://codeload.github.com/raster-foundry/raster-foundry/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raster-foundry%2Fraster-foundry/sbom","scorecard":{"id":762511,"data":{"date":"2025-08-11","repo":{"name":"github.com/raster-foundry/raster-foundry","commit":"eee86bf45b9ebabbbee7bb36a73dd60bd8a807bf"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":5,"reason":"Found 11/21 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 21 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":3,"reason":"7 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-29gw-9793-fvw7","Warn: Project is vulnerable to: PYSEC-2022-12 / GHSA-pq7m-3gw7-gq5x","Warn: Project is vulnerable to: PYSEC-2023-71 / GHSA-j5fj-rfh6-qj85","Warn: Project is vulnerable to: PYSEC-2017-24 / GHSA-r9jw-mwhq-wp62","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: app-backend/Dockerfile.build:1: pin your Docker image by updating quay.io/azavea/openjdk-gdal:2.4-jdk8-slim to quay.io/azavea/openjdk-gdal:2.4-jdk8-slim@sha256:2b7f3c1d18119e1e28e36884e8a42527101e53e1d288616f2978049be1dc33bd","Warn: containerImage not pinned by hash: app-backend/api/Dockerfile:1: pin your Docker image by updating quay.io/azavea/openjdk-gdal:2.4-jdk8-slim to quay.io/azavea/openjdk-gdal:2.4-jdk8-slim@sha256:2b7f3c1d18119e1e28e36884e8a42527101e53e1d288616f2978049be1dc33bd","Warn: containerImage not pinned by hash: app-backend/backsplash-server/Dockerfile:1: pin your Docker image by updating quay.io/azavea/openjdk-gdal:2.4-jdk8-slim to quay.io/azavea/openjdk-gdal:2.4-jdk8-slim@sha256:2b7f3c1d18119e1e28e36884e8a42527101e53e1d288616f2978049be1dc33bd","Warn: containerImage not pinned by hash: app-backend/db/Dockerfile.migrations:1: pin your Docker image by updating flyway/flyway:6.0.8 to flyway/flyway:6.0.8@sha256:2de9bbf9f6d0d21dffb643d03afb365c86786ebaf13f5d69ee57546abd2236bb","Warn: containerImage not pinned by hash: app-hitl/Dockerfile:1: pin your Docker image by updating aaronxsu/raster-vision-pytorch:latest to aaronxsu/raster-vision-pytorch:latest@sha256:df2e3a12abde5b61bd179a3b1a8a1e7a259f6b95150671392db2a1cac6b76622","Warn: containerImage not pinned by hash: app-tasks/Dockerfile:1: pin your Docker image by updating quay.io/azavea/openjdk-gdal:3.1-jdk8-slim to quay.io/azavea/openjdk-gdal:3.1-jdk8-slim@sha256:33ebe643cfcfa48178b4b3b8acac3cda6819675c6ebf0b50d254e7e686da0c32","Warn: containerImage not pinned by hash: nginx/Dockerfile.api:1: pin your Docker image by updating nginx:1.20.0-alpine to nginx:1.20.0-alpine@sha256:e015192ec74937149dce3aa1feb8af016b7cce3a2896246b623cfd55c14939a6","Warn: pipCommand not pinned by hash: app-hitl/Dockerfile:5","Warn: pipCommand not pinned by hash: app-tasks/Dockerfile:9-23","Info:   0 out of   7 containerImage dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-22T23:48:54.953Z","repository_id":32870115,"created_at":"2025-08-22T23:48:54.953Z","updated_at":"2025-08-22T23:48:54.953Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["earth-observation","geospatial","geospatial-processing","geotrellis","raster"],"created_at":"2024-08-01T12:04:58.323Z","updated_at":"2026-01-14T02:15:00.224Z","avatar_url":"https://github.com/raster-foundry.png","language":"Scala","readme":"# Raster Foundry\n\n## Getting Started\n\n### Requirements\n\n- AWS CLI 1.10+\n- AWS Account (to store artifacts, secrets)\n- [jabba](https://github.com/shyiko/jabba) for managing Java versions\n- [Rollbar Account](https://rollbar.com/) (error reporting -- optional)\n\n*tl;dr*:\n\n- `export AWS_PROFILE=raster-foundry`\n- `export RF_SETTINGS_BUCKET=...`\n- `jabba use` -- if you don't have that version available, also `jabba install` the version from `.jabbarc`\n- `./scripts/bootstrap`\n- `./scripts/update`\n- `./scripts/server`\n\n#### Setting Up AWS Account\n\nThere are a set of tasks necessary before starting development in order to provision Raster Foundry. Raster Foundry depends heavily on AWS resources and using AWS resources to manage secrets/containers/artifacts in development. If only local development is being done, the primary resource that will be used are S3 buckets to store secrets.\n\nIn the AWS account you need to create a few buckets for the following:\n - A bucket to house raw data (e.g. geotiffs, JPEG2000, ingest definitions, etc.)\n - A config bucket that will store secrets for development and or other environments, an exported database for development data\n - A bucket to house processed data (e.g. thumbnails, processed raster RDDs)\n\nThe names of the buckets are not important, but they should be memorable and easy to parse for your own sake. On your host machine you need to set up an AWS profile for the account with the S3 buckets. For instance, to set up an AWS profile called `raster-foundry` with the AWS cli the following command would be used:\n```\n$ aws configure --profile raster-foundry\n```\n\nYou will be prompted for an access key and secret key.\n\n#### Setting Development Environment Variables\n\nThe `.env.template` file is a template file with environment variables that get injected into running containers during development. This file should be copied into the AWS config bucket created after filling in sensitive information (replacing all `PLACEHOLDER` values with appropriate values for your AWS setup). When provisioning this file is copied to the development environment and injected into containers with `docker-compose`.\n\nIn addition to setting up an AWS account, you must register for an Auth0 account to produce secrets to use in the `.env` file. You need to go through setting up an application and copying over the client IDs, domain, and secret.\n\nAdditionally, if you want to exercise token management in the application, you need to generate a management API app to handle managing the generation of [refresh tokens for users via the management API](https://auth0.com/docs/api/management/v2/tokens). This is not necessary for most functionality in the application and can be deferred until later if you desire.\n\nThe last thing to set up with Auth0 are the allowed callback URLs and logout URLs. These need to be edited to allow interaction for local development from `localhost:9091` and `localhost:9100`.\n\n### Development\n\nRaster Foundry follows the approach outlined [here](https://githubengineering.com/scripts-to-rule-them-all/) (\"Scripts to Rule Them All\") to have a  mostly consistent development experience. We deviate in a few specific ways:\n\n- We don't pin / require a specific Java version. The application will eventually run in a jdk8 container, and for reproduction it's helpful to have `jabba` to be able to describe issues that occur on some Java versions but not others, but largely this does not make a difference at this point.\n- We expect the user to install `jabba` on their host, instead of running everything in containers. Users _can_ choose to run everything in containers, but that's not how the development environment is organized by default.\n\nAlmost all interaction with consoles and servers can be managed via calls to a script located in `./scripts`. Default values for the S3 config and data buckets in addition to AWS profile will be used if they are not set with an environment variable. Before running `scripts/bootstrap`, these should be injected into your shell environment:\n\n```bash\nexport RF_AWS_PROFILE=raster-foundry\nexport RF_SETTINGS_BUCKET=rasterfoundry-development-config-us-east-1\n```\n\nAfter exporting your environment settings, you are ready to get started:\n\n```bash\n$ ./scripts/bootstrap\n$ ./scripts/update\n$ ./scripts/server\n```\n\nThe servers should come up successfully.\n\nThen, kill your servers. To get the database loaded with sample data, you can run `./scripts/load_development_data --download`.\nThis will fetch a database dump from S3 and some development images. You can use these data for consistent testing instructions\nwith other developers. This script will also apply any outstanding migrations not present in the dev database.\n\n### Migrations\n\nDatabase migrations are managed using [flyway](flyway). You can run `flyway` commands with `scripts/migrate`. Some commands you\ncan run are:\n\n- `scripts/migrate migrate`: apply outtanding migrations\n- `scripts/migrate repair`: reconcile the checksums of applied migrations in the database with what's present on disk\n\nThere is no command to revert migrations.\n\nThe workflow for creating a new migration is:\n\n - Write a migration in `db/src/main/resources/Vxx__migration_name.sql`\n - `./scripts/migrate migrate`\n - Verify the schema changes in PostgreSQL with `./scripts/psql`\n\n## Ports\n\nThe Vagrant configuration maps the following host ports to services running in the virtual machines. Ports can be overridden for individual developers using environment variables\n\n| Service                   | Port                            | Environment Variable |\n| ------------------------- | ------------------------------- | -------------------- |\n| Nginx (api)               | [`9100`](http://localhost:9100) | `RF_PORT_9100`       |\n| Application Server (akka) | [`9000`](http://localhost:9000) | `RF_PORT_9000`       |\n| Tile Server (http4s)      | [`8081`](http://localhost:8081) | `RF_PORT_8081`       |\n| Application Server (JMX)  | `9010`                          | `RF_PORT_9010`       |\n| Tile Server (JMX)         | `9030`                          | `RF_PORT_9030`       |\n\n## Scripts\n\nHelper and development scripts are located in the `./scripts` directory at the root of this project. These scripts are designed to encapsulate and perform commonly used actions such as starting a development server, accessing a development console, or running tests.\n\n| Script Name             | Purpose                                                      |\n| ----------------------- | ------------------------------------------------------------ |\n| `bootstrap`             | Pulls/builds necessary containers                            |\n| `update`                | Runs migrations, installs dependencies, etc.                 |\n| `server`                | Starts a development server                                  |\n| `console`               | Gives access to a running container via `docker-compose run` |\n| `psql`                  | Drops you into a `psql` console.                             |\n| `test`                  | Runs tests and linters for project                           |\n| `cibuild`               | Invoked by CI server and makes use of `test`.                |\n| `cipublish`             | Publish container images to container image repositories.    |\n| `load_development_data` | Load data for development purposes from S3                   |\n| `rsync-back`            | Perform a one-way `rsync` from the VM to the host.           |\n| `process-upload`        | Process an upload in development                             |\n\n## Testing\n\nRun all the tests:\n\n```bash\n$ ./scripts/test\n```\n\n## Processing Imagery\n\nIn staging and production, a batch job will automatically be kicked off for processing after a\nsuccessful upload. In development, you need to process the upload manually which you can do like so:\n\n```bash\n$ ./scripts/process-upload \u003cupload_id\u003e\n```\n","funding_links":[],"categories":["Scala","others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fraster-foundry%2Fraster-foundry","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fraster-foundry%2Fraster-foundry","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fraster-foundry%2Fraster-foundry/lists"}