{"id":13620744,"url":"https://github.com/unicode-org/cldr","last_synced_at":"2026-03-17T02:08:12.935Z","repository":{"id":37270706,"uuid":"103948672","full_name":"unicode-org/cldr","owner":"unicode-org","description":"The home of the Unicode Common Locale Data Repository","archived":false,"fork":false,"pushed_at":"2025-12-21T17:15:30.000Z","size":683046,"stargazers_count":1046,"open_issues_count":203,"forks_count":415,"subscribers_count":59,"default_branch":"main","last_synced_at":"2025-12-21T20:57:53.959Z","etag":null,"topics":["cldr","unicode"],"latest_commit_sha":null,"homepage":"https://unicode.org/cldr","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/unicode-org.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":"https://home.unicode.org/donation-page/"}},"created_at":"2017-09-18T14:19:54.000Z","updated_at":"2025-12-20T19:36:06.000Z","dependencies_parsed_at":"2023-09-22T13:20:49.492Z","dependency_job_id":"dca7fb54-3b91-4f28-94ff-eaadecff6520","html_url":"https://github.com/unicode-org/cldr","commit_stats":null,"previous_names":[],"tags_count":633,"template":false,"template_full_name":null,"purl":"pkg:github/unicode-org/cldr","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unicode-org%2Fcldr","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unicode-org%2Fcldr/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unicode-org%2Fcldr/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unicode-org%2Fcldr/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/unicode-org","download_url":"https://codeload.github.com/unicode-org/cldr/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unicode-org%2Fcldr/sbom","scorecard":{"id":496973,"data":{"date":"2025-08-11","repo":{"name":"github.com/unicode-org/cldr","commit":"b7ecebdd775aab8c90be9f30a181c789438be035"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.8,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/maven-release.yml:7"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:23","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:24","Warn: no topLevel permission defined: .github/workflows/ansible-lint.yml:1","Warn: no topLevel permission defined: .github/workflows/build-icu.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/commit-checker.yml:1","Warn: topLevel 'deployments' permission set to 'write': .github/workflows/gh-pages.yml:14","Info: topLevel 'actions' permission set to 'read': .github/workflows/gh-pages.yml:16","Warn: no topLevel permission defined: .github/workflows/js.yml:1","Warn: no topLevel permission defined: .github/workflows/keyboard.yml:1","Warn: no topLevel permission defined: .github/workflows/maven-release.yml:1","Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Warn: no topLevel permission defined: .github/workflows/production.yml:1","Warn: topLevel 'deployments' permission set to 'write': .github/workflows/site.yml:5","Warn: no topLevel permission defined: .github/workflows/staging.yml:1","Warn: no topLevel permission defined: .github/workflows/update-jira.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 10 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible-lint.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/ansible-lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible-lint.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/ansible-lint.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-author-assign.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/auto-author-assign.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-icu.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:217: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-icu.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/build-icu.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit-checker.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/commit-checker.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit-checker.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/commit-checker.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit-checker.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/commit-checker.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/gh-pages.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/js.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/js.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/js.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/js.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/js.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/keyboard.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/keyboard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/keyboard.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/keyboard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/keyboard.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/keyboard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven-release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven-release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven-release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/maven.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:292: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:338: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/maven.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/production.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/production.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/site.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/site.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/site.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/site.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/site.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/site.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/site.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/site.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-jira.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/unicode-org/cldr/update-jira.yml/main?enable=pin","Warn: containerImage not pinned by hash: tools/cldr-apps-webdriver/Dockerfile:1: pin your Docker image by updating maven:3-eclipse-temurin-17-alpine to maven:3-eclipse-temurin-17-alpine@sha256:6d7a631eb1d3f70ec83b738c9484c513683690a2631baa780d04ab0fbb275feb","Warn: containerImage not pinned by hash: tools/cldr-apps/Dockerfile:1","Warn: containerImage not pinned by hash: tools/cldr-apps/Dockerfile:12","Warn: containerImage not pinned by hash: tools/scripts/web/docker/Dockerfile:1: pin your Docker image by updating jekyll/jekyll:4.2.2 to jekyll/jekyll:4.2.2@sha256:400b8d1569f118bca8a3a09a25f32803b00a55d1ea241feaf5f904d66ca9c625","Warn: npmCommand not pinned by hash: tools/cldr-apps/js/test/run.sh:5","Warn: npmCommand not pinned by hash: tools/scripts/tr-archive/make-tr-archive.sh:3","Warn: pipCommand not pinned by hash: .github/workflows/commit-checker.yml:51","Warn: npmCommand not pinned by hash: .github/workflows/keyboard.yml:38","Warn: npmCommand not pinned by hash: .github/workflows/site.yml:46","Info:   0 out of  86 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  11 third-party GitHubAction dependencies pinned","Info:   0 out of   4 containerImage dependencies pinned","Info:   7 out of  11 npmCommand dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":2,"reason":"8 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T20:40:17.350Z","repository_id":37270706,"created_at":"2025-08-19T20:40:17.350Z","updated_at":"2025-08-19T20:40:17.350Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28337864,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T06:09:07.588Z","status":"ssl_error","status_checked_at":"2026-01-12T06:05:18.301Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cldr","unicode"],"created_at":"2024-08-01T21:00:59.017Z","updated_at":"2026-03-17T02:08:12.930Z","avatar_url":"https://github.com/unicode-org.png","language":"Java","readme":"# Unicode CLDR Project\n\nFor current CLDR release information, see [cldr.unicode.org](https://cldr.unicode.org/index/downloads/).\n\n## `main` branch\n\n[![cldr-mvn](https://github.com/unicode-org/cldr/workflows/cldr-mvn/badge.svg)](https://github.com/unicode-org/cldr/actions?query=branch%3Amain+workflow%3A%22cldr-mvn%22)\n[![Publish to gh-pages](https://github.com/unicode-org/cldr/actions/workflows/gh-pages.yml/badge.svg)](https://github.com/unicode-org/cldr/actions/workflows/gh-pages.yml)\n[![CodeQL](https://github.com/unicode-org/cldr/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/unicode-org/cldr/actions/workflows/codeql-analysis.yml)\n\n## Status\n\nUpdate: 2026-01-12\n\n\u003c!-- [inapplicable lines are commented out.]--\u003e\n**Note:**  CLDR 49 is in development and not recommended for use at this stage.\n\u003c!--**Note:**  This is the milestone 1 version of CLDR 49, intended for those wishing to do pre-release testing. It is not recommended for production use.--\u003e\n\u003c!--**Note:** This is a preliminary version of CLDR 49, intended for those wishing to do pre-release testing. It is not recommended for production use.--\u003e\n\u003c!--**Note:**  This is a pre-release candidate version of CLDR 49, intended for testing. It is not recommended for production use.--\u003e\n\u003c!--This is the final release version of CLDR 49.--\u003e\n\n### What is CLDR?\n\nThe Unicode Common Locale Data Repository (CLDR) provides key building blocks for software to support the world's languages, with the largest and most extensive standard repository of locale data available. This data is used by a [wide spectrum of companies](https://cldr.unicode.org/#who-uses-cldr) for their software internationalization and localization, adapting software to the conventions of different languages for such common software tasks.\n\nSee for further information:\n\n- [CLDR releases and downloads](https://cldr.unicode.org/index/downloads \"CLDR Download Page\"),\nincluding the data files and LDML specification associated with each release\n\n- [Repository organization](https://cldr.unicode.org/index/downloads#Repository_Organization \"CLDR Download Page, Repository Organization\"),\ndescribing the organization of files within this repository\n\n- [Building and running CLDR Tools](https://cldr.unicode.org/development/cldr-tools \"CLDR Tools Page\")\n\n### Contributing\n\nFor details about all code or data contributions, see [CONTRIBUTING.md](./CONTRIBUTING.md)\n\n#### Spotless\n\nA source formatter is now used, please see [spotless](./tools/README.md#spotless) for details.\n\n### Copyright \u0026 Licenses\n\nCopyright © 2004-2026 Unicode, Inc. Unicode and the Unicode Logo are registered trademarks of Unicode, Inc. in the United States and other countries.\n\nA CLA is required to contribute to this project - please refer to the [CONTRIBUTING.md](./CONTRIBUTING.md) file (or start a Pull Request) for more information.\n\nThe contents of this repository are governed by the Unicode [Terms of Use](https://www.unicode.org/copyright.html) and are released under [LICENSE](./LICENSE).\n\nNote that some CLDR tools depend on libraries managed via Maven; use of these libraries is governed by separate license agreements.\n","funding_links":["https://home.unicode.org/donation-page/"],"categories":["Java","others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicode-org%2Fcldr","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funicode-org%2Fcldr","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicode-org%2Fcldr/lists"}