{"id":15033665,"url":"https://github.com/virtocommerce/vc-platform","last_synced_at":"2026-04-23T19:02:55.195Z","repository":{"id":11384729,"uuid":"13825712","full_name":"VirtoCommerce/vc-platform","owner":"VirtoCommerce","description":"Virto Commerce B2B Innovation Platform","archived":false,"fork":false,"pushed_at":"2026-04-20T14:00:26.000Z","size":241417,"stargazers_count":1297,"open_issues_count":57,"forks_count":855,"subscribers_count":139,"default_branch":"dev","last_synced_at":"2026-04-20T22:18:37.427Z","etag":null,"topics":["angular","asp-net","azure","b2b","commerce","e-commerce","ecommerce","ecommerce-platform","microsoft-cloud"],"latest_commit_sha":null,"homepage":"https://virtocommerce.com","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/VirtoCommerce.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":"docs/support.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-10-24T07:44:30.000Z","updated_at":"2026-04-20T13:54:21.000Z","dependencies_parsed_at":"2024-01-16T19:32:15.493Z","dependency_job_id":"6da9e4a9-6f35-4a56-97ba-3606fe6a145b","html_url":"https://github.com/VirtoCommerce/vc-platform","commit_stats":null,"previous_names":["virtocommerce/vc-community"],"tags_count":787,"template":false,"template_full_name":null,"purl":"pkg:github/VirtoCommerce/vc-platform","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtoCommerce%2Fvc-platform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtoCommerce%2Fvc-platform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtoCommerce%2Fvc-platform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtoCommerce%2Fvc-platform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/VirtoCommerce","download_url":"https://codeload.github.com/VirtoCommerce/vc-platform/tar.gz/refs/heads/dev","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtoCommerce%2Fvc-platform/sbom","scorecard":{"id":148377,"data":{"date":"2025-08-11","repo":{"name":"github.com/VirtoCommerce/vc-platform","commit":"706fba0c48b2c49a0970a03bfda089d667554574"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Code-Review","score":3,"reason":"Found 9/30 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: script injection with untrusted input ' github.event.head_commit.message ': .github/workflows/platform-ci.yml:242"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:29","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:30","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/msteams.yml:1","Warn: no topLevel permission defined: .github/workflows/platform-ci.yml:1","Warn: no topLevel permission defined: .github/workflows/platform-release-hotfix.yml:1","Warn: no topLevel permission defined: .github/workflows/platfotm-owasp.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-ci.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/publish-nugets.yml:1","Warn: no topLevel permission defined: .github/workflows/regression-pr.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 3.887.5 not signed: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238834885","Warn: release artifact 3.854.13 not signed: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238834732","Warn: release artifact 3.902.0 not signed: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238668669","Warn: release artifact 3.901.0 not signed: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/234879998","Warn: release artifact 3.900.0 not signed: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/234779501","Warn: release artifact 3.887.5 does not have provenance: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238834885","Warn: release artifact 3.854.13 does not have provenance: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238834732","Warn: release artifact 3.902.0 does not have provenance: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/238668669","Warn: release artifact 3.901.0 does not have provenance: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/234879998","Warn: release artifact 3.900.0 does not have provenance: https://api.github.com/repos/VirtoCommerce/vc-platform/releases/234779501"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/codeql-analysis.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/codeql-analysis.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/codeql-analysis.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/codeql-analysis.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/codeql-analysis.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/msteams.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/msteams.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:299: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-ci.yml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platform-release-hotfix.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platform-release-hotfix.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platfotm-owasp.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platfotm-owasp.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platfotm-owasp.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platfotm-owasp.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platfotm-owasp.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platfotm-owasp.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/platfotm-owasp.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/platfotm-owasp.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-ci.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-deploy.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/pr-deploy.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-nugets.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/publish-nugets.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-nugets.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/publish-nugets.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-nugets.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/publish-nugets.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/regression-pr.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/regression-pr.yml/dev?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/regression-pr.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/regression-pr.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/regression-pr.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/regression-pr.yml/dev?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/VirtoCommerce/vc-platform/release.yml/dev?enable=pin","Warn: containerImage not pinned by hash: DockerCompose/ModulesDevelop/Platform.Dockerfile:3","Warn: containerImage not pinned by hash: src/VirtoCommerce.Platform.Web/Dockerfile:3","Warn: containerImage not pinned by hash: src/VirtoCommerce.Platform.Web/Dockerfile:9","Warn: containerImage not pinned by hash: src/VirtoCommerce.Platform.Web/Dockerfile:25","Warn: containerImage not pinned by hash: src/VirtoCommerce.Platform.Web/Dockerfile:28","Warn: nugetCommand not pinned by hash: src/VirtoCommerce.Platform.Web/Dockerfile:20: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)","Info:   0 out of  14 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  54 third-party GitHubAction dependencies pinned","Info:   0 out of   5 containerImage dependencies pinned","Info:   0 out of   1 nugetCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (12) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-16T09:56:12.665Z","repository_id":11384729,"created_at":"2025-08-16T09:56:12.665Z","updated_at":"2025-08-16T09:56:12.665Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32193915,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-23T15:28:30.493Z","status":"ssl_error","status_checked_at":"2026-04-23T15:28:29.972Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["angular","asp-net","azure","b2b","commerce","e-commerce","ecommerce","ecommerce-platform","microsoft-cloud"],"created_at":"2024-09-24T20:22:16.603Z","updated_at":"2026-04-23T19:02:55.167Z","avatar_url":"https://github.com/VirtoCommerce.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Virto Commerce B2B Innovation Platform\n\n[![Share on Facebook](https://img.shields.io/badge/facebook--blue.svg?style=social\u0026label=Share\u0026logo=data%3Aimage%2Fsvg%2Bxml%3Bbase64%2CPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48IURPQ1RZUEUgc3ZnIFBVQkxJQyAiLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9HcmFwaGljcy9TVkcvMS4xL0RURC9zdmcxMS5kdGQiPjxzdmcgdmVyc2lvbj0iMS4xIiBpZD0iTGF5ZXJfMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgeD0iMHB4IiB5PSIwcHgiIHdpZHRoPSIyNjYuODkzcHgiIGhlaWdodD0iMjY2Ljg5NXB4IiB2aWV3Qm94PSIwIDAgMjY2Ljg5MyAyNjYuODk1IiBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCAyNjYuODkzIDI2Ni44OTUiIHhtbDpzcGFjZT0icHJlc2VydmUiPjxwYXRoIGlkPSJCbHVlXzFfIiBmaWxsPSIjM0M1QTk5IiBkPSJNMjQ4LjA4MiwyNjIuMzA3YzcuODU0LDAsMTQuMjIzLTYuMzY5LDE0LjIyMy0xNC4yMjVWMTguODEyYzAtNy44NTctNi4zNjgtMTQuMjI0LTE0LjIyMy0xNC4yMjRIMTguODEyYy03Ljg1NywwLTE0LjIyNCw2LjM2Ny0xNC4yMjQsMTQuMjI0djIyOS4yN2MwLDcuODU1LDYuMzY2LDE0LjIyNSwxNC4yMjQsMTQuMjI1SDI0OC4wODJ6Ii8%2BPHBhdGggaWQ9ImYiIGZpbGw9IiNGRkZGRkYiIGQ9Ik0xODIuNDA5LDI2Mi4zMDd2LTk5LjgwM2gzMy40OTlsNS4wMTYtMzguODk1aC0zOC41MTVWOTguNzc3YzAtMTEuMjYxLDMuMTI3LTE4LjkzNSwxOS4yNzUtMTguOTM1bDIwLjU5Ni0wLjAwOVY0NS4wNDVjLTMuNTYyLTAuNDc0LTE1Ljc4OC0xLjUzMy0zMC4wMTItMS41MzNjLTI5LjY5NSwwLTUwLjAyNSwxOC4xMjYtNTAuMDI1LDUxLjQxM3YyOC42ODRoLTMzLjU4NXYzOC44OTVoMzMuNTg1djk5LjgwM0gxODIuNDA5eiIvPjwvc3ZnPg%3D%3D)](https://www.facebook.com/sharer.php?u=https://virtocommerce.com)\u0026nbsp;[![Tweet](https://img.shields.io/twitter/url/https/virtocommerce.com.svg?style=social)](https://twitter.com/intent/tweet?text=%23VirtoCommerce%20puts%20the%20best%20of%20MS%20Azure%20Cloud%2C%20open%20source%20.Net%20code%20and%20agile%20development%20in%20a%20single%20enterprise%20%23ecommerce%20platform.) [![Latest release](https://img.shields.io/github/release/VirtoCommerce/vc-platform.svg)](https://github.com/VirtoCommerce/vc-platform/releases/latest) [![Total downloads](https://img.shields.io/github/downloads/VirtoCommerce/vc-platform/total.svg?colorB=007ec6)](https://github.com/VirtoCommerce/vc-platform/releases) [![License](https://img.shields.io/badge/license-VC%20OSL-blue.svg)](https://virtocommerce.com/open-source-license)\n\n[![CI status](https://github.com/VirtoCommerce/vc-platform/workflows/Platform%20CI/badge.svg?branch=dev)](https://github.com/VirtoCommerce/vc-platform/actions?query=workflow%3A\"Platform+CI\") [![Quality gate](https://sonarcloud.io/api/project_badges/measure?project=VirtoCommerce_vc-platform\u0026metric=alert_status\u0026branch=dev)](https://sonarcloud.io/dashboard?id=VirtoCommerce_vc-platform) [![Reliability rating](https://sonarcloud.io/api/project_badges/measure?project=VirtoCommerce_vc-platform\u0026metric=reliability_rating\u0026branch=dev)](https://sonarcloud.io/dashboard?id=VirtoCommerce_vc-platform) [![Security rating](https://sonarcloud.io/api/project_badges/measure?project=VirtoCommerce_vc-platform\u0026metric=security_rating\u0026branch=dev)](https://sonarcloud.io/dashboard?id=VirtoCommerce_vc-platform) [![Sqale rating](https://sonarcloud.io/api/project_badges/measure?project=VirtoCommerce_vc-platform\u0026metric=sqale_rating\u0026branch=dev)](https://sonarcloud.io/dashboard?id=VirtoCommerce_vc-platform) [![Lines of code](https://sonarcloud.io/api/project_badges/measure?project=VirtoCommerce_vc-platform\u0026metric=ncloc\u0026branch=dev)](https://sonarcloud.io/dashboard?id=VirtoCommerce_vc-platform)\u0026emsp;\n\n[![Documentation](https://img.shields.io/badge/docs-read-brightgreen.svg)](https://docs.virtocommerce.org)\u0026nbsp; [![Commnunity](https://img.shields.io/badge/community-read-brightgreen.svg)](https://www.virtocommerce.org)\u0026nbsp; [![Contributors](https://img.shields.io/github/contributors/VirtoCommerce/vc-platform.svg)](https://github.com/VirtoCommerce/vc-platform/graphs/contributors)\n\n[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FVirtoCommerce%2Fvc-platform%2Fdev%2FazureDeployPlatformAndFrontend.json)\n\nVirto Commerce is an open-source platform for building extensible ecommerce applications. This includes complex digital commerce solutions for B2B, B2C, or B2B2C businesses, [marketplaces](https://virtocommerce.com/solutions/marketplace), and derived SaaS commerce platforms.\n\nVirto Commerce architecture is based on such principles as Microservices, API-first, Cloud-native, Headless, and Advanced Extensibility.\n\n## Principles\nThe main principle is to help the development teams focus on the implementation of business features without worrying about **CLEAN ARCHITECTURE**.\n\n* **[Atomic Architecture](https://virtocommerce.com/atomic-architecture)**: Assemble your scalable ecommerce solution by selecting ready-to-use modules that serve all your digital needs.\n* **[MICROSERVICES](https://virtocommerce.com/microservices)**: Every application is built from headless microservices (modules). Applications and microservices are not limited to composite applications, they can also be used for building any other application and hence are functionally independent. \n* **[API-FIRST](https://virtocommerce.com/api-ecommerce)**: Ecommerce service with the right API design. All business logic is accessible via API, either Rest or GraphQL. \n* **[CLOUD NATIVE](https://virtocommerce.com/cloud-ecommerce)**: Ecommerce service is delivered in line with the SaaS model. This adds significant benefits for your business: \n    1. *On-demand*: Use the ecommerce service as a whole or its separate components as needed.\n    1. *Scalability*: In the cloud, it can be easily scaled to support peak demand and long-term business growth. \n    1. *Reliability*: Leverage a solution deployed across multiple data centres and availability zones to maximize uptime and reduce potential revenue losses.\n* **[HEADLESS](https://virtocommerce.com/b2b-headless-ecommerce-solution)**: Allows an enterprise to support omnichannel journeys across traditional and digital touchpoints as well as new business models.\n* **EXTENSIBILITY AND [COMPOSABILITY](https://virtocommerce.com/composable-ecommerce)**: API model, persistence model, and business logic can be extended as needed without deploying or re-deploying the solution. This provides superior business agility and keeps you and your service up to date.\n\n## Overview\nThe following chart illustrates the high-level architecture and main areas of the Virto Commerce solutions:\n\n![Virto Commerce Architecture Reference](docs/media/vc-architecture-reference.png)\n\n**[Virto Commerce Platform](https://virtocommerce.com/b2b-ecommerce-platform)**: Launches the ecommerce applications in the public, hybrid, and private [cloud](https://virtocommerce.com/virto-commerce-cloud) environments. \n\n**Commerce Applications**: API-based, modular and extensible logical set of one or more headless microservices (modules) with a focus on the implementation of the business feature, such as Digital Catalog, Order Management, Content Management, Marketing, etc.\n\n**Custom Extensions**: Virto Commerce Module that enables extending API model, persistent model, business logic, and admin UI within the commerce applications.\n\n**External Commerce Applications**: Third-party ecommerce applications and services. \n\n**Touchpoints**: Sell your products on the website, through a mobile application, chatbot or any third-party services: marketplace, dropshipping, or any other option you create. Virto Commerce Storefront Kit allows you to manage various brands and stores in the same environment and with the same features.\n\n**Admin SPA**: Virto Commerce has an extensible and intuitive admin user interface, which allows you to manage data within your commerce applications across all channels.\n\n**[Integration](https://virtocommerce.com/integrations/key-ecommerce-integrations) middleware**: Asynchronous integration middleware for declarative integration with non-real-time and legacy services.\n\n## Introduction to Virto Commerce\nThese Virto Commerce docs will help you learn and use the Virto Commerce platform, from your local solution to optimizing complex enterprise builds: \n\n* [Quick Start](https://docs.virtocommerce.org/platform/developer-guide/)\n* [User Guide](https://docs.virtocommerce.org/platform/user-guide/)\n* [News Digest](https://www.virtocommerce.org/c/news-digest/15)\n\n## Technology Stack Used\n\nIn our work, we make every effort to always use advanced technologies. We picked the techs below as a result of our extensive experience in working with Microsoft products:\n\n* .NET and ASP.NET Core as base platform\n* EF Core as primary ORM\n* ASP.NET Core Identity for authentication and authorization\n* OpenIddict for OAuth authentication\n* WebPack as primary design/runtime bundler and minified\n* Swashbuckle.AspNetCore.SwaggerGen for Swagger docs and UI\n* SignalR Core for push notifications\n* AngularJS as a primary framework for SPA\n* HangFire for running background tasks\n\n## References\n* Documentation: https://docs.virtocommerce.org\n* Home: https://virtocommerce.com\n* Virto Commerce Frontend: https://docs.virtocommerce.org/storefront/\n* Youtube Videos: https://www.youtube.com/c/Virtocommerce/videos\n* Community: https://www.virtocommerce.org\n\n## License\n\nCopyright (c) Virto Solutions LTD. All rights reserved.\n\nLicensed under the Virto Commerce Open Software License (the \"License\"); you\nmay not use this file except in compliance with the License. You may\nobtain a copy of the License at http://virtocommerce.com/open-source-license\n\nUnless required by applicable law or agreed to in written form, the software\ndistributed under the License is provided on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\nimplied.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvirtocommerce%2Fvc-platform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvirtocommerce%2Fvc-platform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvirtocommerce%2Fvc-platform/lists"}