{"id":13393524,"url":"https://github.com/rudderlabs/rudder-server","last_synced_at":"2026-04-28T08:05:45.903Z","repository":{"id":37301395,"uuid":"197743848","full_name":"rudderlabs/rudder-server","owner":"rudderlabs","description":"Privacy and Security focused Segment-alternative, in Golang and React  ","archived":false,"fork":false,"pushed_at":"2026-04-22T05:18:32.000Z","size":329111,"stargazers_count":4395,"open_issues_count":30,"forks_count":27,"subscribers_count":61,"default_branch":"master","last_synced_at":"2026-04-22T07:03:20.542Z","etag":null,"topics":["bigquery","cdp","customer-data","customer-data-lake","customer-data-pipeline","customer-data-platform","data-engineering","data-integration","data-pipeline","data-synchronization","data-warehouse","elt","etl","event-streaming","privacy","redshift","segment-alternative","snowflake","warehouse-management","warehouse-native"],"latest_commit_sha":null,"homepage":"https://www.rudderstack.com/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rudderlabs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-07-19T09:24:38.000Z","updated_at":"2026-04-21T20:53:29.000Z","dependencies_parsed_at":"2026-04-22T07:02:56.623Z","dependency_job_id":null,"html_url":"https://github.com/rudderlabs/rudder-server","commit_stats":{"total_commits":4523,"total_committers":138,"mean_commits":32.77536231884058,"dds":0.8881273491045766,"last_synced_commit":"d3cc89419fb69470ed65f9f981b02fa4bfcb3aea"},"previous_names":[],"tags_count":450,"template":false,"template_full_name":null,"purl":"pkg:github/rudderlabs/rudder-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudderlabs%2Frudder-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudderlabs%2Frudder-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudderlabs%2Frudder-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudderlabs%2Frudder-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rudderlabs","download_url":"https://codeload.github.com/rudderlabs/rudder-server/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudderlabs%2Frudder-server/sbom","scorecard":{"id":343152,"data":{"date":"2025-08-11","repo":{"name":"github.com/rudderlabs/rudder-server","commit":"c97ad7aa5ce6bbdc682ac77a30d5cba9e1676ce3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7,"checks":[{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Info: 'force pushes' disabled on branch 'master'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'","Warn: 'stale review dismissal' is disabled on branch 'master'","Info: required approving review count is 2 on branch 'master'","Warn: codeowners review is not required on branch 'master'","Warn: 'last push approval' is disabled on branch 'master'","Info: status check found to merge onto on branch 'master'","Info: PRs are required in order to make changes on branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/labeler.yaml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/builds.yml:16","Warn: no topLevel permission defined: .github/workflows/dispatch-deploy-event-dev.yaml:1","Warn: no topLevel permission defined: .github/workflows/housekeeping.yaml:1","Warn: no topLevel permission defined: .github/workflows/labeler.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-description-enforcer.yaml:1","Warn: no topLevel permission defined: .github/workflows/prerelease.yaml:1","Warn: no topLevel permission defined: .github/workflows/release-please.yaml:1","Warn: no topLevel permission defined: .github/workflows/semantic-pr.yaml:1","Warn: no topLevel permission defined: .github/workflows/sync-release.yaml:1","Warn: no topLevel permission defined: .github/workflows/tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/verify.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: GoBuiltInFuzzer integration found: processor/internal/transformer/destination_transformer/embedded/warehouse/transformer_fuzz_test.go:42","Info: GoBuiltInFuzzer integration found: warehouse/internal/service/staging_test.go:88"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:266: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:331: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:336: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dispatch-deploy-event-dev.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/dispatch-deploy-event-dev.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/housekeeping.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/housekeeping.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/labeler.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-description-enforcer.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/pr-description-enforcer.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/semantic-pr.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/semantic-pr.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-release.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/sync-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:237: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:242: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:7","Warn: containerImage not pinned by hash: Dockerfile:34","Warn: containerImage not pinned by hash: cmd/benchmark/Dockerfile:2","Warn: containerImage not pinned by hash: cmd/benchmark/Dockerfile:15: pin your Docker image by updating alpine:3.21.3 to alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c","Warn: containerImage not pinned by hash: processor/internal/transformer/destination_transformer/embedded/warehouse/benchmark/Dockerfile:1","Warn: containerImage not pinned by hash: processor/internal/transformer/destination_transformer/embedded/warehouse/benchmark/Dockerfile:7: pin your Docker image by updating alpine:3.21.0 to alpine:3.21.0@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45","Warn: containerImage not pinned by hash: suppression-backup-service/Dockerfile:6","Warn: containerImage not pinned by hash: suppression-backup-service/Dockerfile:12","Warn: goCommand not pinned by hash: .github/workflows/tests.yaml:240","Info:   0 out of  25 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  43 third-party GitHubAction dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned","Info:   0 out of   8 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646","Warn: Project is vulnerable to: GO-2025-3528 / GHSA-265r-hfxg-fhmg","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":7,"reason":"SAST tool is not run on all commits -- score normalized to 7","details":["Warn: 22 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T06:25:42.692Z","repository_id":37301395,"created_at":"2025-08-18T06:25:42.692Z","updated_at":"2025-08-18T06:25:42.692Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32371720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-27T20:07:02.737Z","status":"online","status_checked_at":"2026-04-28T02:00:07.250Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bigquery","cdp","customer-data","customer-data-lake","customer-data-pipeline","customer-data-platform","data-engineering","data-integration","data-pipeline","data-synchronization","data-warehouse","elt","etl","event-streaming","privacy","redshift","segment-alternative","snowflake","warehouse-management","warehouse-native"],"created_at":"2024-07-30T17:00:55.053Z","updated_at":"2026-04-28T08:05:45.857Z","avatar_url":"https://github.com/rudderlabs.png","language":"Go","funding_links":[],"categories":["E-Commerce \u0026 Business","Go","开发运维工具","Table of Contents","Apps","Data Ingestion","privacy","Repositories","Workflow"],"sub_categories":["Data Pipeline","Analytics"],"readme":"\u003cp align=\"center\"\u003e\n📖 Just launched \u003cb\u003e\u003ca href=\"https://www.rudderstack.com/learn/\"\u003eData Learning Center\u003c/a\u003e\u003c/b\u003e - Resources on data engineering and data infrastructure\n  \u003cbr/\u003e\n \u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.rudderstack.com/\"\u003e\n    \u003cimg src=\"resources/rs-logo-full-duotone-dark.jpg\" height=\"64px\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cb\u003eThe Customer Data Platform for Developers\u003c/b\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/rudderlabs/rudder-server/actions/workflows/tests.yaml\"\u003e\n    \u003cimg src=\"https://github.com/rudderlabs/rudder-server/actions/workflows/tests.yaml/badge.svg\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/rudderlabs/rudder-server/actions/workflows/builds.yml\"\u003e\n    \u003cimg src=\"https://github.com/rudderlabs/rudder-server/actions/workflows/builds.yml/badge.svg\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://goreportcard.com/report/github.com/rudderlabs/rudder-server\"\u003e\n    \u003cimg src=\"https://goreportcard.com/badge/github.com/rudderlabs/rudder-server\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/rudderlabs/rudder-server/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/v/release/rudderlabs/rudder-server?color=blue\u0026sort=semver\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://www.rudderstack.com/docs/get-started/installing-and-setting-up-rudderstack/docker/\"\u003e\n    \u003cimg src=\"https://img.shields.io/docker/pulls/rudderlabs/rudder-server\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/rudderlabs/rudder-server/blob/master/LICENSE\"\u003e\n    \u003cimg src=\"https://img.shields.io/static/v1?label=license\u0026message=ELv2\u0026color=7447fc\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cb\u003e\n    \u003ca href=\"https://www.rudderstack.com/\"\u003eWebsite\u003c/a\u003e\n    ·\n    \u003ca href=\"https://www.rudderstack.com/docs/\"\u003eDocumentation\u003c/a\u003e\n    ·\n    \u003ca href=\"https://github.com/rudderlabs/rudder-server/blob/master/CHANGELOG.md\"\u003eChangelog\u003c/a\u003e\n    ·\n    \u003ca href=\"https://www.rudderstack.com/blog/\"\u003eBlog\u003c/a\u003e\n    ·\n    \u003ca href=\"https://www.rudderstack.com/join-rudderstack-slack-community/\"\u003eSlack\u003c/a\u003e\n    ·\n    \u003ca href=\"https://twitter.com/rudderstack\"\u003eTwitter\u003c/a\u003e\n  \u003c/b\u003e\n\u003c/p\u003e\n\n---\n\nAs the leading open source Customer Data Platform (CDP), [**RudderStack**](https://www.rudderstack.com/) provides data pipelines that make it easy to collect data from every application, website and SaaS platform, then activate it in your warehouse and business tools.\n\nWith RudderStack, you can build customer data pipelines that connect your whole customer data stack and then make them smarter by triggering enrichment and activation in customer tools based on analysis in your data warehouse. It's easy-to-use SDKs and event source integrations, Cloud Extract integrations, transformations, and expansive library of destination and warehouse integrations makes building customer data pipelines for both event streaming and cloud-to-warehouse ELT simple.\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.rudderstack.com/\"\u003e\n    \u003cimg src=\"https://user-images.githubusercontent.com/59817155/121468374-4ef91e00-c9d8-11eb-8611-28bea18f609d.gif\" alt=\"RudderStack\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n| Try **RudderStack Cloud Free** - a free tier of [**RudderStack Cloud**](https://www.rudderstack.com/cloud/). Click [**here**](https://app.rudderstack.com/signup?type=freetrial) to start building a smarter customer data pipeline today, with RudderStack Cloud. |\n| :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n\n## Key features\n\n- **Warehouse-first**: RudderStack treats your data warehouse as a first class citizen among destinations, with advanced features and configurable, near real-time sync.\n\n- **Developer-focused**: RudderStack is built API-first. It integrates seamlessly with the tools that the developers already use and love.\n\n- **High Availability**: RudderStack comes with at least 99.99% uptime. We have built a sophisticated error handling and retry system that ensures that your data will be delivered even in the event of network partitions or destinations downtime.\n\n- **Privacy and Security**: You can collect and store your customer data without sending everything to a third-party vendor. With RudderStack, you get fine-grained control over what data to forward to which analytical tool.\n\n- **Unlimited Events**: Event volume-based pricing of most of the commercial systems is broken. With RudderStack Open Source, you can collect as much data as possible without worrying about overrunning your event budgets.\n\n- **Segment API-compatible**: RudderStack is fully compatible with the Segment API. So you don't need to change your app if you are using Segment; just integrate the RudderStack SDKs into your app and your events will keep flowing to the destinations (including data warehouses) as before.\n\n- **Production-ready**: Companies like Mattermost, IFTTT, Torpedo, Grofers, 1mg, Nana, OnceHub, and dozens of large companies use RudderStack for collecting their events.\n\n- **Seamless Integration**: RudderStack currently supports integration with over 90 popular [**tool**](https://www.rudderstack.com/docs/destinations/) and [**warehouse**](https://www.rudderstack.com/docs/data-warehouse-integrations/) destinations.\n\n- **User-specified Transformation**: RudderStack offers a powerful JavaScript-based event transformation framework which lets you enhance or transform your event data by combining it with your other internal data. Furthermore, as RudderStack runs inside your cloud or on-premise environment, you can easily access your production data to join with the event data.\n\n## Get started\n\nThe easiest way to experience RudderStack is to [**sign up**](https://app.rudderstack.com/signup?type=freetrial) for **RudderStack Cloud Free** - a completely free tier of [**RudderStack Cloud**](https://www.rudderstack.com/cloud/).\n\nYou can also set up RudderStack on your platform of choice with these two easy steps:\n\n### Step 1: Set up RudderStack\n\n- [**Docker**](https://www.rudderstack.com/docs/rudderstack-open-source/installing-and-setting-up-rudderstack/docker/)\n- [**Kubernetes**](https://www.rudderstack.com/docs/rudderstack-open-source/installing-and-setting-up-rudderstack/kubernetes/)\n- [**Developer machine setup**](https://www.rudderstack.com/docs/rudderstack-open-source/installing-and-setting-up-rudderstack/developer-machine-setup/)\n\n\u003e **Note**: If you are planning to use RudderStack in production, we STRONGLY recommend using our Kubernetes Helm charts. We update our Docker images with bug fixes much more frequently than our GitHub repo.\n\n### Step 2: Verify the installation\n\nOnce you have installed RudderStack, [**send test events**](https://www.rudderstack.com/docs/get-started/installing-and-setting-up-rudderstack/sending-test-events/) to verify the setup.\n\n## Architecture\n\nRudderStack is an independent, stand-alone system with a dependency only on the database (PostgreSQL). Its backend is written in **Go** with a rich UI written in **React.js**.\n\nA high-level view of RudderStack’s architecture is shown below:\n\n![Architecture](resources/rudder-server-architecture.png)\n\nFor more details on the various architectural components, refer to our [**documentation**](https://www.rudderstack.com/docs/get-started/rudderstack-architecture/).\n\n## Contribute\n\nWe would love to see you contribute to RudderStack. Get more information on how to contribute [**here**](https://github.com/rudderlabs/rudder-server/blob/master/CONTRIBUTING.md).\n\n## License\n\nRudderStack server is released under the [**Elastic License 2.0**](LICENSE).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frudderlabs%2Frudder-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frudderlabs%2Frudder-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frudderlabs%2Frudder-server/lists"}