{"id":13710046,"url":"https://github.com/viur-framework/viur-core","last_synced_at":"2026-04-14T08:00:36.979Z","repository":{"id":36951124,"uuid":"227369624","full_name":"viur-framework/viur-core","owner":"viur-framework","description":"The core component of ViUR, the Python framework for modern web development.","archived":false,"fork":false,"pushed_at":"2026-04-10T10:17:00.000Z","size":78414,"stargazers_count":16,"open_issues_count":155,"forks_count":13,"subscribers_count":7,"default_branch":"main","last_synced_at":"2026-04-10T12:25:33.651Z","etag":null,"topics":["appengine-python","application-framework","framework","google-appengine","google-cloud-platform","google-datastore","jinja2","python","python-framework","python3","viur"],"latest_commit_sha":null,"homepage":"https://www.viur.dev","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/viur-framework.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-12-11T13:14:58.000Z","updated_at":"2026-04-10T10:16:17.000Z","dependencies_parsed_at":"2026-01-19T13:12:25.012Z","dependency_job_id":null,"html_url":"https://github.com/viur-framework/viur-core","commit_stats":{"total_commits":2566,"total_committers":24,"mean_commits":"106.91666666666667","dds":0.5249415432579891,"last_synced_commit":"e3e5a3705b688bb86bcfe1d3b7be42faa6773b08"},"previous_names":[],"tags_count":217,"template":false,"template_full_name":null,"purl":"pkg:github/viur-framework/viur-core","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-core","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-core/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-core/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-core/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/viur-framework","download_url":"https://codeload.github.com/viur-framework/viur-core/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/viur-framework%2Fviur-core/sbom","scorecard":{"id":924390,"data":{"date":"2025-08-18","repo":{"name":"github.com/viur-framework/viur-core","commit":"245edfe067589d3954ffc856bd49e7d423b7e1d2"},"scorecard":{"version":"v5.2.1-41-g40576783","commit":"40576783fda6698350fcbbeaea760ff827433034"},"score":5.1,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/pep8.yaml:1","Warn: no topLevel permission defined: .github/workflows/publish.yaml:1","Warn: no topLevel permission defined: .github/workflows/python-test.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#token-permissions"}},{"name":"Maintained","score":10,"reason":"8 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#maintained"}},{"name":"Code-Review","score":6,"reason":"Found 20/30 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pep8.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/pep8.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pep8.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/pep8.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/publish.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/publish.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/python-test.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/python-test.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-test.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/viur-framework/viur-core/python-test.yaml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/pep8.yaml:31","Warn: pipCommand not pinned by hash: .github/workflows/publish.yaml:19","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yaml:32","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yaml:33","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yaml:34","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   5 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is required - but no codeowners file found in repo","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yaml:31"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 20 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"31 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2024-230 / GHSA-248v-346w-9cwc","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-753j-mpmx-qq6g","Warn: Project is vulnerable to: GHSA-7cx3-6m66-7c5m","Warn: Project is vulnerable to: GHSA-8w49-h785-mj3c","Warn: Project is vulnerable to: GHSA-w235-7p84-xx57","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2020-213 / GHSA-8vpw-mgpf-mpvv","Warn: Project is vulnerable to: PYSEC-2012-5 / GHSA-f7fv-v9rh-prvc","Warn: Project is vulnerable to: PYSEC-2023-75 / GHSA-hj3f-6gcp-jg8j","Warn: Project is vulnerable to: GHSA-qppv-j76h-2rpx","Warn: Project is vulnerable to: GHSA-8qvm-5x2c-j2w7","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: PYSEC-2024-188 / GHSA-mg3v-6m49-jhp3","Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq","Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3","Warn: Project is vulnerable to: GHSA-j7hp-h8jx-5ppr","Warn: Project is vulnerable to: PYSEC-2023-175","Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc","Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-25T09:35:10.177Z","repository_id":36951124,"created_at":"2025-08-25T09:35:10.177Z","updated_at":"2025-08-25T09:35:10.177Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31787263,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T02:24:21.117Z","status":"ssl_error","status_checked_at":"2026-04-14T02:24:20.627Z","response_time":153,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appengine-python","application-framework","framework","google-appengine","google-cloud-platform","google-datastore","jinja2","python","python-framework","python3","viur"],"created_at":"2024-08-02T23:00:51.193Z","updated_at":"2026-04-14T08:00:36.959Z","avatar_url":"https://github.com/viur-framework.png","language":"Python","readme":"\u003cdiv align=\"center\"\u003e\n    \u003cimg src=\"https://github.com/viur-framework/viur-artwork/raw/main/icons/icon-core.svg\" height=\"196\" alt=\"A hexagonal logo of the viur-core\" title=\"viur-core\"\u003e\n    \u003ch1\u003eviur-core\u003c/h1\u003e\n    \u003ca href=\"https://github.com/viur-framework/viur-core/actions/workflows/python-test.yaml\"\u003e\n        \u003cimg src=\"https://github.com/viur-framework/viur-core/actions/workflows/python-test.yaml/badge.svg\" alt=\"Badge for Python test suite\" title=\"Python test suite\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://core.docs.viur.dev/en/main/\"\u003e\n        \u003cimg src=\"https://readthedocs.org/projects/viur-core/badge/?version=main\" alt=\"Badge for readthedocs.org build status\" title=\"readthedocs.org/viur-core\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://pypi.org/project/viur-core/\"\u003e\n        \u003cimg alt=\"Badge showing current PyPI version\" title=\"PyPI\" src=\"https://img.shields.io/pypi/v/viur-core\"\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://github.com/viur-framework/viur-core/blob/main/LICENSE\"\u003e\n        \u003cimg src=\"https://img.shields.io/github/license/viur-framework/viur-core\" alt=\"Badge displaying the license\" title=\"License badge\"\u003e\n    \u003c/a\u003e\n    \u003cbr\u003e\n    This is the core component of the \u003ca href=\"https://www.viur.dev\"\u003eViUR framework\u003c/a\u003e.\n\u003c/div\u003e\n\n## About\n\nViUR is an application development framework for the Google App Engine™.\n\nViUR was developed to meet the needs and requirements of both designers and developers. It provides a clear concept for the implementation of agile data management software systems. It is written in Python™ and has already attracted a growing community that is constantly supporting and improving ViUR.\n\n## Getting started\n\nTo get started with ViUR, check out [viur-base](https://github.com/viur-framework/viur-base). It comes with a pre-configured and well documented project template to immediately start with.\n\n## Migration\n\nThe package contains a service tool `viur-migrate` to migrate existing project sources to the current `viur-core`, by replacing old namings and config variables by their newer counterparts.\n\nAfter checking the result with `viur-migrate ./deploy/ -d` you can apply the changes with `viur-migrate ./deploy/ -x`.\n\n## Contributing\n\nHelp of any kind to extend and improve or enhance this project in any kind or way is always appreciated.\n\nWe take great interest in your opinion about ViUR. We appreciate your feedback and are looking forward to hear about your ideas. Share your vision or questions with us and participate in ongoing discussions.\n\nSee our [contribution guidelines](CONTRIBUTING.md) for details.\n\n## License\n\nCopyright © 2026 by Mausbrand Informationssysteme GmbH.\u003cbr\u003e\nMausbrand and ViUR are registered trademarks of Mausbrand Informationssysteme GmbH.\n\nLicensed under the MIT license. See LICENSE for more information.\n","funding_links":[],"categories":["Official ViUR Resources"],"sub_categories":["Main Repositories"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviur-framework%2Fviur-core","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fviur-framework%2Fviur-core","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviur-framework%2Fviur-core/lists"}