{"id":34358506,"url":"https://github.com/submitty/submitty","last_synced_at":"2026-03-15T10:56:55.724Z","repository":{"id":13544230,"uuid":"16236118","full_name":"Submitty/Submitty","owner":"Submitty","description":"Homework Submission, Automated Grading, and TA grading system.","archived":false,"fork":false,"pushed_at":"2026-03-07T02:54:25.000Z","size":98578,"stargazers_count":749,"open_issues_count":684,"forks_count":991,"subscribers_count":32,"default_branch":"main","last_synced_at":"2026-03-07T06:48:35.479Z","etag":null,"topics":["autograding","education","hacktoberfest","homework-server","submitty","teaching-tools"],"latest_commit_sha":null,"homepage":"http://submitty.org","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Submitty.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE-THIRD-PARTY.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-01-25T17:43:57.000Z","updated_at":"2026-03-07T03:50:32.000Z","dependencies_parsed_at":"2025-12-15T23:06:30.343Z","dependency_job_id":null,"html_url":"https://github.com/Submitty/Submitty","commit_stats":null,"previous_names":[],"tags_count":223,"template":false,"template_full_name":null,"purl":"pkg:github/Submitty/Submitty","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Submitty%2FSubmitty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Submitty%2FSubmitty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Submitty%2FSubmitty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Submitty%2FSubmitty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Submitty","download_url":"https://codeload.github.com/Submitty/Submitty/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Submitty%2FSubmitty/sbom","scorecard":{"id":79513,"data":{"date":"2025-08-04","repo":{"name":"github.com/Submitty/Submitty","commit":"4a2707d38d8dff3e6441c8798d4c5387565091c2"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":4.8,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: BSD 3-Clause \"New\" or \"Revised\" License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: script injection with untrusted input ' github.event.issue.title ': .github/workflows/notify_issues.yml:13"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/first_pr_open.yml:12","Info: jobLevel 'contents' permission set to 'read': .github/workflows/label_stale_prs.yml:11","Warn: no topLevel permission defined: .github/workflows/bump_repo.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/documentation_check.yml:1","Warn: no topLevel permission defined: .github/workflows/first_issue_reply.yml:1","Warn: no topLevel permission defined: .github/workflows/first_pr_open.yml:1","Warn: no topLevel permission defined: .github/workflows/label_stale_prs.yml:1","Warn: no topLevel permission defined: .github/workflows/localization_up.yml:1","Warn: no topLevel permission defined: .github/workflows/move_to_in_review.yml:1","Warn: no topLevel permission defined: .github/workflows/notify_issues.yml:1","Warn: no topLevel permission defined: .github/workflows/notify_main_fail.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/save_vm.yaml:9","Warn: no topLevel permission defined: .github/workflows/sort_draft_prs.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/vagrant_up.yaml:9","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bump_repo.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/bump_repo.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bump_repo.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/bump_repo.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/bump_repo.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/bump_repo.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:340: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:353: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:447: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:638: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:930: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:666: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:670: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:686: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:705: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:718: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:731: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:742: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:750: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:761: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:777: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:804: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:810: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:816: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:850: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:869: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:882: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:894: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:899: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:939: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:962: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:966: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:983: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:990: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:996: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:1002: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:269: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:318: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation_check.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/documentation_check.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/first_issue_reply.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/first_issue_reply.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/first_pr_open.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/first_pr_open.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label_stale_prs.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/label_stale_prs.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/localization_up.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/localization_up.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/move_to_in_review.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/move_to_in_review.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/move_to_in_review.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/move_to_in_review.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/save_vm.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/save_vm.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sort_draft_prs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/sort_draft_prs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sort_draft_prs.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/sort_draft_prs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vagrant_up.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/Submitty/Submitty/vagrant_up.yaml/main?enable=pin","Warn: pipCommand not pinned by hash: .setup/INSTALL_SUBMITTY_HELPER.sh:147","Warn: npmCommand not pinned by hash: .setup/SUBMITTY_TEST.sh:19","Warn: npmCommand not pinned by hash: .setup/SUBMITTY_TEST.sh:24","Warn: downloadThenRun not pinned by hash: .setup/distro_setup/ubuntu/18.04/setup_distro.sh:88","Warn: downloadThenRun not pinned by hash: .setup/distro_setup/ubuntu/20.04/setup_distro.sh:74","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:30","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:31","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:172","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:173","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:174","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:175","Warn: pipCommand not pinned by hash: .setup/distro_setup/ubuntu/rpi.sh:176","Warn: downloadThenRun not pinned by hash: .setup/install_system.sh:236","Warn: pipCommand not pinned by hash: .setup/update_system.sh:40","Warn: pipCommand not pinned by hash: .setup/update_system.sh:43","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:454","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:459","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:235","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:257","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:258","Warn: pipCommand not pinned by hash: .github/workflows/ci.yml:265","Info:   0 out of  56 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  23 third-party GitHubAction dependencies pinned","Info:   0 out of   3 downloadThenRun dependencies pinned","Info:   0 out of  16 pipCommand dependencies pinned","Info:   6 out of   8 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-4vvm-4w3v-6mr8","Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-vc8w-jr9v-vj7f","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-15T05:30:04.456Z","repository_id":13544230,"created_at":"2025-08-15T05:30:04.456Z","updated_at":"2025-08-15T05:30:04.456Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30372127,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T21:41:54.280Z","status":"online","status_checked_at":"2026-03-11T02:00:07.027Z","response_time":84,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["autograding","education","hacktoberfest","homework-server","submitty","teaching-tools"],"created_at":"2025-12-18T03:29:09.081Z","updated_at":"2026-03-15T10:56:55.707Z","avatar_url":"https://github.com/Submitty.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://github.com/Submitty/Submitty/blob/main/site/public/img/submitty_logo_white.png?raw=true\"\u003e\n    \u003cimg src=\"https://github.com/Submitty/Submitty/blob/main/site/public/img/submitty_logo.png?raw=true\" alt=\"Submitty Logo\" width=\"500px\"/\u003e\n  \u003c/picture\u003e\n\u003c/p\u003e\n\n[![Submitty CI](https://github.com/Submitty/Submitty/actions/workflows/submitty_ci.yml/badge.svg?event=push)](https://github.com/Submitty/Submitty/actions/workflows/submitty_ci.yml)\n[![Vagrant Up](https://github.com/Submitty/Submitty/actions/workflows/vagrant_up.yaml/badge.svg)](https://github.com/Submitty/Submitty/actions/workflows/vagrant_up.yaml)\n\n# Usage\n\nSystem instructions located at [https://submitty.org/](https://submitty.org/)\n\n# Background\n\n[Submitty](https://submitty.org) is an open source course management, assignment submission, exam and grading system\nfrom the [Rensselaer Center for Open Source Software (RCOS)](https://new.rcos.io/),\n[Department of Computer Science](https://compsci.rpi.edu/) at\n[Rensselaer Polytechnic Institute](https://www.rpi.edu/).\n\nThe Submitty project is hosted on [GitHub](https://github.com/Submitty).\n\nOur key features are described here: [https://submitty.org/index/features](https://submitty.org/index/features)\n\n\n## Contributing\n\nTo learn how to contribute to our project, please read:  \n[How to Make a Pull Request](https://submitty.org/developer/getting_started/make_a_pull_request)  \n[How to Review a Pull Request](https://submitty.org/developer/getting_started/review_a_pull_request)  \n\n\n# Contact Us\n\nIf you have a question, please [contact us](https://submitty.org/index/contact) through Zulip.\n\n\n### LICENSING\n\nSubmitty is licensed under BSD \"3-Clause\" which can be viewed in [LICENSE](LICENSE.md)  \nLicenses for the 3rd party components can be viewed in [LICENSE-THIRD-PARTY](LICENSE-THIRD-PARTY.md)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsubmitty%2Fsubmitty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsubmitty%2Fsubmitty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsubmitty%2Fsubmitty/lists"}