{"id":13510280,"url":"https://github.com/scality/cloudserver","last_synced_at":"2026-02-05T20:14:33.364Z","repository":{"id":37398571,"uuid":"60165924","full_name":"scality/cloudserver","owner":"scality","description":"Zenko CloudServer, an open-source Node.js implementation of the Amazon S3 protocol on the front-end and backend storage capabilities to multiple clouds, including Azure and Google.","archived":false,"fork":false,"pushed_at":"2026-01-19T22:29:50.000Z","size":60245,"stargazers_count":1878,"open_issues_count":102,"forks_count":254,"subscribers_count":82,"default_branch":"development/9.2","last_synced_at":"2026-01-20T00:40:38.476Z","etag":null,"topics":["artesca","aws-s3","cloud","cloud-native","cloud-storage","docker","javascript","multiple-backends","nodejs","object-storage","s3-storage","storage","zenko"],"latest_commit_sha":null,"homepage":"https://www.zenko.io/cloudserver","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scality.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2016-06-01T09:58:56.000Z","updated_at":"2026-01-19T18:33:18.000Z","dependencies_parsed_at":"2025-12-08T17:11:57.042Z","dependency_job_id":null,"html_url":"https://github.com/scality/cloudserver","commit_stats":{"total_commits":2980,"total_committers":85,"mean_commits":35.05882352941177,"dds":0.875503355704698,"last_synced_commit":"20d0b38d0b4f5ffea5795a0948607d97f9d2eb1c"},"previous_names":["scality/s3"],"tags_count":936,"template":false,"template_full_name":null,"purl":"pkg:github/scality/cloudserver","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scality","download_url":"https://codeload.github.com/scality/cloudserver/tar.gz/refs/heads/development/9.2","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scality%2Fcloudserver/sbom","scorecard":{"id":488792,"data":{"date":"2025-08-11","repo":{"name":"github.com/scality/cloudserver","commit":"15ac4c656a4312d7a31bc22bd8d91895e47df812"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5,"checks":[{"name":"Code-Review","score":6,"reason":"Found 10/16 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/tests.yaml:160","Warn: no topLevel permission defined: .github/workflows/alerts.yaml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yaml:1","Warn: no topLevel permission defined: .github/workflows/dependency-review.yaml:1","Warn: no topLevel permission defined: .github/workflows/release.yaml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/tests.yaml:74","Warn: topLevel 'packages' permission set to 'write': .github/workflows/tests.yaml:75","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":1,"reason":"branch protection is not maximal on development and all release branches","details":["Warn: 'allow deletion' enabled on branch 'development/9.0'","Info: 'force pushes' disabled on branch 'development/9.0'","Info: required approving review count is 2 on branch 'development/9.0'","Warn: codeowners review is not required on branch 'development/9.0'","Warn: no status checks found to merge onto branch 'development/9.0'","Info: PRs are required in order to make changes on branch 'development/9.0'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yaml:16"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \"foo(\" must be followed by ): bin/create_encrypted_bucket.js:0","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: bin/search_bucket.js:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/alerts.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/alerts.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/alerts.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/alerts.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/codeql.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-review.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/dependency-review.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-review.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/dependency-review.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/release.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:827: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:828: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:832: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:942: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:242: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:302: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:438: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:467: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:484: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:491: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:542: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:549: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:355: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:376: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:580: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:602: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:609: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:632: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:633: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:671: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:696: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:698: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:705: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:756: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:763: update your workflow using https://app.stepsecurity.io/secureworkflow/scality/cloudserver/tests.yaml/development/9.0?enable=pin","Warn: containerImage not pinned by hash: .github/ceph/Dockerfile:1: pin your Docker image by updating ceph/daemon:v3.2.1-stable-3.2-mimic-centos-7 to ceph/daemon:v3.2.1-stable-3.2-mimic-centos-7@sha256:cd5a71bce6c83a8eeab5ea0ad261aece73bb43327410ea952290bb3cbb13c4bb","Warn: containerImage not pinned by hash: .github/docker/mongodb/Dockerfile:1: pin your Docker image by updating mongo:5.0.21 to mongo:5.0.21@sha256:7c81758cb2950b7e26bea6c9f1e0ce0da0cdc2fde040c70cfef4d957ccf23c52","Warn: containerImage not pinned by hash: .github/docker/sproxyd/Dockerfile:1","Warn: containerImage not pinned by hash: .github/pykmip/Dockerfile:1: pin your Docker image by updating python:3.10-alpine to python:3.10-alpine@sha256:24cab748bf7bd8e3d2f9bb4e5771f17b628417527a4e1f2c59c370c2a8a27f1c","Warn: containerImage not pinned by hash: Dockerfile:3","Warn: containerImage not pinned by hash: Dockerfile:33","Warn: containerImage not pinned by hash: DockerfileMem:1: pin your Docker image by updating node:6-slim to node:6-slim@sha256:2cdb3951bc2cd934a056b1b1ff2224da2c092f28a6ac73133d76ce72dc54252e","Warn: containerImage not pinned by hash: images/federation/Dockerfile:2","Warn: containerImage not pinned by hash: images/federation/Dockerfile:5","Warn: containerImage not pinned by hash: images/federation/Dockerfile:12","Warn: containerImage not pinned by hash: tests/deps/squid/Dockerfile:1: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10","Warn: pipCommand not pinned by hash: .github/ceph/Dockerfile:19-23","Warn: npmCommand not pinned by hash: Dockerfile:25-27","Warn: pipCommand not pinned by hash: .github/workflows/tests.yaml:98","Info:   0 out of  25 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  37 third-party GitHubAction dependencies pinned","Info:   0 out of  11 containerImage dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 20 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"103 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2021-421 / GHSA-h4m5-qpfp-3mpv","Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: PYSEC-2019-217 / GHSA-462w-v97r-4m45","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: PYSEC-2021-66 / GHSA-g3rq-g295-4j3m","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: PYSEC-2021-140 / GHSA-9w8r-397f-prfh","Warn: Project is vulnerable to: PYSEC-2023-117 / GHSA-mrwq-x4v8-fh7p","Warn: Project is vulnerable to: PYSEC-2021-141 / GHSA-pq64-v7f5-gqh8","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2023-207 / GHSA-gwvm-45gx-3cf8","Warn: Project is vulnerable to: PYSEC-2019-133 / GHSA-mh33-7rrq-662w","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2019-132 / GHSA-r64q-w8jr-g9qp","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2020-148 / GHSA-wqvq-5m8c-6g24","Warn: Project is vulnerable to: PYSEC-2021-108","Warn: Project is vulnerable to: GHSA-c28r-hw5m-5gv3","Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-288c-cq4h-88gq","Warn: Project is vulnerable to: GHSA-4gq5-ch57-c2mg","Warn: Project is vulnerable to: GHSA-4w82-r329-3q67","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-5949-rw7g-wx7w","Warn: Project is vulnerable to: GHSA-5r5r-6hpj-8gg9","Warn: Project is vulnerable to: GHSA-5ww9-j83m-q7qx","Warn: Project is vulnerable to: GHSA-645p-88qh-w398","Warn: Project is vulnerable to: GHSA-6fpp-rgj9-8rwc","Warn: Project is vulnerable to: GHSA-85cw-hj65-qqv9","Warn: Project is vulnerable to: GHSA-89qr-369f-5m5x","Warn: Project is vulnerable to: GHSA-8c4j-34r4-xr8g","Warn: Project is vulnerable to: GHSA-8w26-6f25-cm9x","Warn: Project is vulnerable to: GHSA-9gph-22xh-8x98","Warn: Project is vulnerable to: GHSA-9m6f-7xcq-8vf8","Warn: Project is vulnerable to: GHSA-c8hm-7hpq-7jhg","Warn: Project is vulnerable to: GHSA-cf6r-3wgc-h863","Warn: Project is vulnerable to: GHSA-cggj-fvv3-cqwv","Warn: Project is vulnerable to: GHSA-cjjf-94ff-43w7","Warn: Project is vulnerable to: GHSA-cmfg-87vq-g5g4","Warn: Project is vulnerable to: GHSA-cvm9-fjm9-3572","Warn: Project is vulnerable to: GHSA-f3j5-rmmp-3fc5","Warn: Project is vulnerable to: GHSA-f9xh-2qgp-cq57","Warn: Project is vulnerable to: GHSA-fmmc-742q-jg75","Warn: Project is vulnerable to: GHSA-fqwf-pjwf-7vqv","Warn: Project is vulnerable to: GHSA-gjmw-vf9h-g25v","Warn: Project is vulnerable to: GHSA-gwp4-hfv6-p7hw","Warn: Project is vulnerable to: GHSA-gww7-p5w4-wrfv","Warn: Project is vulnerable to: GHSA-h3cw-g4mq-c5x2","Warn: Project is vulnerable to: GHSA-h592-38cm-4ggp","Warn: Project is vulnerable to: GHSA-h822-r4r5-v8jg","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-m6x4-97wx-4q27","Warn: Project is vulnerable to: GHSA-mph4-vhrx-mv67","Warn: Project is vulnerable to: GHSA-mx7p-6679-8g3q","Warn: Project is vulnerable to: GHSA-p43x-xfjf-5jhr","Warn: Project is vulnerable to: GHSA-q93h-jc49-78gg","Warn: Project is vulnerable to: GHSA-qjw2-hr98-qgfh","Warn: Project is vulnerable to: GHSA-qr7j-h6gg-jmgc","Warn: Project is vulnerable to: GHSA-qxxx-2pp7-5hmx","Warn: Project is vulnerable to: GHSA-r3gr-cxrf-hg25","Warn: Project is vulnerable to: GHSA-r695-7vr9-jgc2","Warn: Project is vulnerable to: GHSA-rfx6-vp9g-rh7v","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-rpr3-cw39-3pxh","Warn: Project is vulnerable to: GHSA-v585-23hc-c647","Warn: Project is vulnerable to: GHSA-vfqx-33qm-g869","Warn: Project is vulnerable to: GHSA-w3f4-3q6j-rh82","Warn: Project is vulnerable to: GHSA-wh8g-3j2c-rqj5","Warn: Project is vulnerable to: GHSA-269g-pwp5-87pp","Warn: Project is vulnerable to: GHSA-7r82-7xv7-xcpj","Warn: Project is vulnerable to: GHSA-264p-99wq-f4j6","Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99","Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p","Warn: Project is vulnerable to: GHSA-wrw9-m778-g6mc","Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q","Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5","Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp","Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq","Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr","Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765","Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T18:31:36.050Z","repository_id":37398571,"created_at":"2025-08-19T18:31:36.050Z","updated_at":"2025-08-19T18:31:36.050Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28618721,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T22:24:05.405Z","status":"ssl_error","status_checked_at":"2026-01-20T22:20:31.342Z","response_time":117,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["artesca","aws-s3","cloud","cloud-native","cloud-storage","docker","javascript","multiple-backends","nodejs","object-storage","s3-storage","storage","zenko"],"created_at":"2024-08-01T02:01:31.858Z","updated_at":"2026-01-20T23:13:07.522Z","avatar_url":"https://github.com/scality.png","language":"JavaScript","readme":"# Zenko CloudServer\n\n![Zenko CloudServer logo](res/scality-cloudserver-logo.png)\n\n[![Docker Pulls][badgedocker]](https://hub.docker.com/r/zenko/cloudserver)\n[![Docker Pulls][badgetwitter]](https://twitter.com/zenko)\n\n## Build Status\n\n![Public Build Status][badgepub]\n![Private Build Status][badgepriv]\n\n## Overview\n\nCloudServer (formerly S3 Server) is an open-source Amazon S3-compatible\nobject storage server that is part of [Zenko](https://www.zenko.io),\nScality’s Open Source Multi-Cloud Data Controller.\n\nCloudServer provides a single AWS S3 API interface to access multiple\nbackend data storage both on-premise or public in the cloud.\n\nCloudServer is useful for Developers, either to run as part of a\ncontinous integration test environment to emulate the AWS S3 service locally\nor as an abstraction layer to develop object storage enabled\napplication on the go.\n\n## Learn more at [www.zenko.io/cloudserver](https://www.zenko.io/cloudserver/)\n\n## [May I offer you some lovely documentation?](http://s3-server.readthedocs.io/en/latest/)\n\n## Docker\n\n[Run your Zenko CloudServer with Docker](https://hub.docker.com/r/zenko/cloudserver/)\n\n## Contributing\n\nIn order to contribute, please follow the\n[Contributing Guidelines](https://github.com/scality/Guidelines/blob/master/CONTRIBUTING.md).\n\n## Installation\n\n### Dependencies\n\nBuilding and running the Zenko CloudServer requires node.js 10.x and yarn v1.17.x\n. Up-to-date versions can be found at\n[Nodesource](https://github.com/nodesource/distributions).\n\n### Clone source code\n\n```shell\ngit clone https://github.com/scality/cloudserver.git\n```\n\n### Install js dependencies\n\nGo to the ./cloudserver folder,\n\n```shell\nyarn install --frozen-lockfile\n```\n\nIf you get an error regarding installation of the diskUsage module,\nplease install g++.\n\nIf you get an error regarding level-down bindings, try clearing your yarn cache:\n\n```shell\nyarn cache clean\n```\n\n#### Install typescript\n\nTo use CloudServer, subaclient is needed. This package need typescript to be compiled.\n\n```shell\nnpm install -g typescript\n```\n\n## Run it with a file backend\n\n```shell\nyarn start\n```\n\nThis starts a Zenko CloudServer on port 8000. Two additional ports 9990 and\n9991 are also open locally for internal transfer of metadata and data,\nrespectively.\n\nThe default access key is accessKey1 with\na secret key of verySecretKey1.\n\nBy default the metadata files will be saved in the\nlocalMetadata directory and the data files will be saved\nin the localData directory within the ./S3 directory on your\nmachine. These directories have been pre-created within the\nrepository. If you would like to save the data or metadata in\ndifferent locations of your choice, you must specify them with absolute paths.\nSo, when starting the server:\n\n```shell\nmkdir -m 700 $(pwd)/myFavoriteDataPath\nmkdir -m 700 $(pwd)/myFavoriteMetadataPath\nexport S3DATAPATH=\"$(pwd)/myFavoriteDataPath\"\nexport S3METADATAPATH=\"$(pwd)/myFavoriteMetadataPath\"\nyarn start\n```\n\n## Run it with a memory backend\n\nIf you want to run the Zenko CloudServer with an in-memory backend,\nyou can do so by setting the `S3DATA` environment variable to `memory`.\nThis is useful for testing purposes or when you don't need persistent storage.\n\n```shell\nexport S3DATA=mem\nyarn start\n```\n\n## Run it with multiple data backends\n\n```shell\nexport S3DATA='multiple'\nyarn start\n```\n\nThis starts a Zenko CloudServer on port 8000.\nThe default access key is accessKey1 with\na secret key of verySecretKey1.\n\nWith multiple backends, you have the ability to\nchoose where each object will be saved by setting\nthe following header with a locationConstraint on\na PUT request:\n\n```shell\n'x-amz-meta-scal-location-constraint':'myLocationConstraint'\n```\n\nIf no header is sent with a PUT object request, the\nlocation constraint of the bucket will determine\nwhere the data is saved. If the bucket has no location\nconstraint, the endpoint of the PUT request will be\nused to determine location.\n\nSee the Configuration section in our documentation\n[here](http://s3-server.readthedocs.io/en/latest/GETTING_STARTED/#configuration)\nto learn how to set location constraints.\n\n## Run it with an in-memory backend\n\n```shell\nyarn run mem_backend\n```\n\nThis starts a Zenko CloudServer on port 8000.\nThe default access key is accessKey1 with\na secret key of verySecretKey1.\n\n## Run it with Vault user management\n\nNote: Vault is proprietary and must be accessed separately.\n\n```shell\nexport S3VAULT=vault\nyarn start\n```\n\nThis starts a Zenko CloudServer using Vault for user management.\n\n[badgetwitter]: https://img.shields.io/twitter/follow/zenko.svg?style=social\u0026label=Follow\n[badgedocker]: https://img.shields.io/docker/pulls/scality/s3server.svg\n[badgepub]: https://circleci.com/gh/scality/S3.svg?style=svg\n[badgepriv]: http://ci.ironmann.io/gh/scality/S3.svg?style=svg\u0026circle-token=1f105b7518b53853b5b7cf72302a3f75d8c598ae\n","funding_links":[],"categories":["HarmonyOS","JavaScript","Storage server and tools","nodejs","storage"],"sub_categories":["Windows Manager"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscality%2Fcloudserver","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscality%2Fcloudserver","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscality%2Fcloudserver/lists"}