{"id":35743807,"url":"https://github.com/seedcase-project/check-datapackage","last_synced_at":"2026-04-15T10:01:08.612Z","repository":{"id":312703826,"uuid":"1048349917","full_name":"seedcase-project/check-datapackage","owner":"seedcase-project","description":"Ensure the compliance of your Data Package metadata","archived":false,"fork":false,"pushed_at":"2026-04-14T07:38:00.000Z","size":2575,"stargazers_count":0,"open_issues_count":31,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-14T09:27:36.694Z","etag":null,"topics":["check","compliance","data-package","frictionless-data","frictionlessdata","metadata-check","metadata-management","metadata-verification","verification"],"latest_commit_sha":null,"homepage":"https://check-datapackage.seedcase-project.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/seedcase-project.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-01T10:01:15.000Z","updated_at":"2026-04-13T17:51:46.000Z","dependencies_parsed_at":"2026-03-19T21:04:04.630Z","dependency_job_id":null,"html_url":"https://github.com/seedcase-project/check-datapackage","commit_stats":null,"previous_names":["seedcase-project/check-datapackage"],"tags_count":57,"template":false,"template_full_name":null,"purl":"pkg:github/seedcase-project/check-datapackage","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seedcase-project%2Fcheck-datapackage","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seedcase-project%2Fcheck-datapackage/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seedcase-project%2Fcheck-datapackage/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seedcase-project%2Fcheck-datapackage/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/seedcase-project","download_url":"https://codeload.github.com/seedcase-project/check-datapackage/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seedcase-project%2Fcheck-datapackage/sbom","scorecard":{"id":1236684,"data":{"date":"2025-09-01T12:47:33Z","repo":{"name":"github.com/seedcase-project/check-datapackage","commit":"7c75f4693911a4f914200638dcf5c41153e7ce38"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":6.7,"checks":[{"name":"Code-Review","score":7,"reason":"Found 6/8 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Maintained","score":0,"reason":"project was created within the last 90 days. Please review its contents carefully","details":["Warn: Repository was created within the last 90 days."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build-package.yml:19","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-package.yml:16","Warn: jobLevel 'security-events' permission set to 'write': .github/workflows/scorecards.yml:26","Info: topLevel permissions set to 'read-all': .github/workflows/add-to-project.yml:15","Info: topLevel permissions set to 'read-all': .github/workflows/build-package.yml:12","Info: topLevel permissions set to 'read-all': .github/workflows/build-website.yml:9","Info: topLevel permissions set to 'read-all': .github/workflows/dependency-review.yml:13","Info: topLevel permissions set to 'read-all': .github/workflows/release-package.yml:9","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:18","Info: topLevel permissions set to 'read-all': .github/workflows/update-from-template.yml:10"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":10,"reason":"all dependencies are pinned","details":["Info:   3 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   3 out of   3 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":9,"reason":"SAST tool is not run on all commits -- score normalized to 9","details":["Warn: 11 commits out of 12 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":3,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Warn: could not determine whether codeowners review is allowed","Warn: no status checks found to merge onto branch 'main'","Warn: PRs are not required to make changes on branch 'main'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Contributors","score":0,"reason":"project has 0 contributing companies or organizations -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"7 out of 7 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}}]},"last_synced_at":"2025-09-01T14:42:59.456Z","repository_id":312703826,"created_at":"2025-09-01T14:42:59.456Z","updated_at":"2025-09-01T14:42:59.456Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31835820,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T07:17:56.427Z","status":"ssl_error","status_checked_at":"2026-04-15T07:17:30.007Z","response_time":63,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["check","compliance","data-package","frictionless-data","frictionlessdata","metadata-check","metadata-management","metadata-verification","verification"],"created_at":"2026-01-06T16:22:13.784Z","updated_at":"2026-04-15T10:01:08.604Z","avatar_url":"https://github.com/seedcase-project.png","language":"Python","readme":"\n\n\u003c!-- NOTE: This README.md is auto-generated from README.qmd. Edit that file. --\u003e\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://check-datapackage.seedcase-project.org/\"\u003e\n        \u003cimg src=\"https://raw.githubusercontent.com/seedcase-project/check-datapackage/main/_extensions/seedcase-project/seedcase-theme/logos/check-datapackage/navbar.svg\" alt=\"Link to Sprout website\" height=\"150\"/\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\n# check-datapackage: Ensure the compliance of your Data Package metadata\n\n[![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.17733655.svg)](https://doi.org/10.5281/zenodo.17733655)\n[![PyPI\nVersion](https://img.shields.io/pypi/v/check-datapackage.svg)](https://pypi.org/project/check-datapackage/)\n[![Copier](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/copier-org/copier/master/img/badge/badge-grayscale-inverted-border-teal.json?raw=true.svg)](https://github.com/copier-org/copier)\n[![Python Version from PEP 621\nTOML](https://img.shields.io/python/required-version-toml?tomlFilePath=https://raw.githubusercontent.com/seedcase-project/check-datapackage/refs/heads/main/pyproject.toml)](https://github.com/seedcase-project/check-datapackage/blob/main/pyproject.toml)\n[![GitHub\nLicense](https://img.shields.io/github/license/seedcase-project/check-datapackage.svg)](https://github.com/seedcase-project/check-datapackage/blob/main/LICENSE.md)\n[![GitHub\nRelease](https://img.shields.io/github/v/release/seedcase-project/check-datapackage.svg)](https://github.com/seedcase-project/check-datapackage/releases/latest)\n[![Build\ndocumentation](https://github.com/seedcase-project/check-datapackage/actions/workflows/build-website.yml/badge.svg)](https://github.com/seedcase-project/check-datapackage/actions/workflows/build-website.yml)\n[![Check\npackage](https://github.com/seedcase-project/check-datapackage/actions/workflows/check-package.yml/badge.svg)](https://github.com/seedcase-project/check-datapackage/actions/workflows/check-package.yml)\n[![OpenSSF\nScorecard](https://api.scorecard.dev/projects/github.com/seedcase-project/check-datapackage/badge?raw=true.svg)](https://scorecard.dev/viewer/?uri=github.com/seedcase-project/check-datapackage)\n[![CodeQL](https://github.com/seedcase-project/check-datapackage/actions/workflows/github-code-scanning/codeql/badge.svg?branch=main)](https://github.com/seedcase-project/check-datapackage/actions/workflows/github-code-scanning/codeql)\n[![code\ncoverage](https://raw.githubusercontent.com/seedcase-project/check-datapackage/coverage/coverage.svg?raw=true)](https://raw.githack.com/seedcase-project/check-datapackage/coverage/index.html)\n[![pre-commit.ci\nstatus](https://results.pre-commit.ci/badge/github/seedcase-project/check-datapackage/main.svg)](https://results.pre-commit.ci/latest/github/seedcase-project/check-datapackage/main)\n[![lifecycle](https://lifecycle.r-lib.org/articles/figures/lifecycle-experimental.svg)](https://lifecycle.r-lib.org/articles/stages.html#experimental)\n[![Project Status: Active – The project has reached a stable, usable\nstate and is being actively\ndeveloped.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)\n\n`check-datapackage` is a Python package that checks your Data Package’s\nmetadata against the [Data Package standard](https://datapackage.org/)\nto ensure that it’s compliant with the standard. Specifically, it:\n\n- Checks your metadata in `datapackage.json` against the Data Package\n  standard.\n- Enables you to configure which components of the metadata should or\n  should not be checked.\n- Enables you to turn off specific checks defined in the standard.\n- Supports user-defined, custom checks.\n- Provides clear and user-friendly messages that point directly to where\n  issues occur in the metadata.\n- Supports a strict mode that enforces full compliance with the\n  standard, including properties that must and should be included.\n\n\u003e [!WARNING]\n\u003e\n\u003e `check-datapackage` only checks the metadata in your\n\u003e `datapackage.json` file against the Data Package standard—it does not\n\u003e check the data itself against the metadata.\n\n\u003e [!TIP]\n\u003e\n\u003e This Python package was generated from the\n\u003e [`template-python-package`](https://github.com/seedcase-project/template-python-package)\n\u003e Seedcase template :tada:\n\n## Project files and folders\n\n- `.github/`: Contains GitHub-specific files, such as issue and pull\n  request templates, workflows,\n  [dependabot](https://docs.github.com/en/code-security/tutorials/secure-your-dependencies/dependabot-quickstart-guide)\n  configuration, pull request templates, and a\n  [CODEOWNERS](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners)\n  file.\n- `tools/vulture-allowlist.py`: List of variables that shouldn’t be\n  flagged by [Vulture](https://github.com/jendrikseipp/vulture) as\n  unused.\n- `tools/get-contributors.sh`: Script to get list of project\n  contributors.\n- `tests/`: Test files for the package.\n- `src/`: Source code for the package.\n- `docs/`: Documentation about using and developing the Python package.\n- `_renderer.py`: Custom\n  [`quartodoc`](https://machow.github.io/quartodoc/) renderer.\n- `pytest.ini`: Pytest configuration file.\n- `mypy.ini`: [`mypy`](https://mypy.readthedocs.io/en/stable/)\n  configuration file for type checking Python code.\n- `.copier-answers.yml`: Contains the answers you gave when copying the\n  project from the template. **You should not modify this file\n  directly.**\n- `.cz.toml`:\n  [Commitizen](https://commitizen-tools.github.io/commitizen/)\n  configuration file for managing versions and changelogs.\n- `.pre-commit-config.yaml`: [Pre-commit](https://pre-commit.com/)\n  configuration file for managing and running checks before each commit.\n- `.typos.toml`: [typos](https://github.com/crate-ci/typos) spell\n  checker configuration file.\n- `justfile`: [`just`](https://just.systems/man/en/) configuration file\n  for scripting project tasks.\n- `.editorconfig`: Editor configuration file for\n  [EditorConfig](https://editorconfig.org/) to maintain consistent\n  coding styles across different editors and IDEs.\n- `CHANGELOG.md`: Changelog file for tracking changes in the project.\n- `CITATION.cff`: Structured citation metadata for your project.\n- `CONTRIBUTING.md`: Guidelines for contributing to the project.\n- `_metadata.yml`: Quarto metadata file for the website, including\n  information about the project, such as the titles and GitHub names.\n- `pyproject.toml`: Main Python project configuration file defining\n  metadata and dependencies.\n- `_quarto.yml`: Quarto configuration file for the website, including\n  settings for the website, such as the theme, navigation, and other\n  options.\n- `ruff.toml`: [Ruff](https://docs.astral.sh/ruff/) configuration file\n  for linting and formatting Python code.\n- `uv.lock`: Lockfile used by [`uv`](https://docs.astral.sh/uv/) to\n  record exact versions of installed dependencies.\n- `.rumdl.toml`: [rumdl](https://rumdl.dev/) configuration file for\n  formatting Markdown files so that they are standardized and consistent\n\n## Contributing\n\nCheck out our [contributing document](CONTRIBUTING.md) for information\non how to contribute to the project, including how to set up your\ndevelopment environment.\n\nPlease note that this project is released with a [Contributor Code of\nConduct](CODE_OF_CONDUCT.md). By participating in this project you agree\nto abide by its terms.\n\n### Contributors\n\nThe following people have contributed to this project by submitting pull\nrequests :tada:\n\n[@lwjohnst86](https://github.com/lwjohnst86),\n[@signekb](https://github.com/signekb),\n[@martonvago](https://github.com/martonvago),\n[@joelostblom](https://github.com/joelostblom)\n\n## Licensing\n\nThis project is licensed under the [MIT License](LICENSE.md).\n\n## Changelog\n\nFor a list of changes, see our [changelog](CHANGELOG.md) page.\n\n## Citing\n\nThis project is part of the [Seedcase\nProject](https://seedcase-project.org), which is a collaborative effort\nto create a framework for data management and analysis in research. If\nyou use this project in your work, please cite it as follows:\n\nJohnston L.W., Brødbæk S.K., Beicher K., Vago M., Ostblom J. (2025).\nCheck Data Package: Ensure the correctness and compliance of your Data\nPackage DOI: 10.5281/zenodo.17733655 URL:\nhttps://check-datapackage.seedcase-project.org\n\nOr as a BibTeX entry:\n\n    @misc{YourReferenceHere,\n    author = {Johnston, Luke William and Brødbæk, Signe Kirk and Beicher, Kristiane and Vago, Marton and Ostblom, Joel},\n    doi = {10.5281/zenodo.17733655},\n    month = {11},\n    title = {Check Data Package: Ensure the correctness and compliance of your Data Package},\n    url = {https://check-datapackage.seedcase-project.org},\n    year = {2025}\n    }\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseedcase-project%2Fcheck-datapackage","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fseedcase-project%2Fcheck-datapackage","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseedcase-project%2Fcheck-datapackage/lists"}