Bedrock - Performance Testing Framework
Initial implementation of a framework designed to allow us to interact at a granular level with each service.
Summary
Bedrock is a service that allows us to validate behaviours and performance of a given service or services but initially is focused on any given single service in our stack (any) i.e. complex multi-service resequencing is not supported directly. The actual implementation of bedrock in general is intentionally generic so should be able to be extended if required.
Starting and Stopping Recording
First, it allows you to ‘snapshot’ any point in time from the Application’s perspective so that you can have a restore point to replay the following sequence of recorded events via a /record endpoint.
```json
{
  "recording_id": "validating-rebaser",
  "postgres": ["si", "si_layer_db"],
  "nats": ["REBASER_REQUESTS"],
  "metadata": {
    "messages": 1000,
    "timeout": 300
  }
}
```
This stores a snapshot of the databases provided, clears the NATS streams so there are no pending messages and sets up an auditing stream and consumer for each of the specified NATS streams to allow the sequence of messages to be recorded. The /stop endpoint then captures the messages on the specified audit streams and creates a .json sequence representation of the work that occurred during the test. This is all on local storage in a reference path ./recordings from the bedrock binary.
Prepare
Once the test has been recorded and the sequence of events and the restore point are stored, Bedrock allows you to restore the stack back to that point in time by resetting the database and the NATS streams to the start point. To find the specified test, Bedrock will first check local storage for the recording_id content; if it's not found, it will look at artifacts.systeminit.com and try to read it from that store if found. This then executes the "prepare" using the locally referenced recording store.
```json
{
  "recording_id": "validating-rebaser",
  "parameters": {},
  "executionParameters": {}
}
```
Replay
Bedrock then allows you to trigger any recorded test via a POST call to its API and will report a basic version of what it thinks the result is.
```json
{
  "recording_id": "validating-rebaser",
  "parameters": {
    "workspace_id": "01JVAP8SZGPT4K937KNXMAJXQN",
    "change_set_id": "01JW98CQYHQQK4H2C6PA5QS95Z"
  },
  "execution_parameters": {
    "iterations": 5,
    "timeout": 10
  }
}
```
Publish
Bedrock allows you to publish via /publish with a POST like the following:
```json
{
  "recording_id": "validating-rebaser"
}
```
When you attempt to publish, you require AWS credentials for the si-shared-prod account to get write access to the si-artifacts-prod bucket. There is a specific new role that everyone at System Initiative has called "DeveloperAccess" to that account, which specifically allows you to do write events against the ./bedrock/datasources/ subfolder within that production Artifact store.
A few points to note:
- execution_parameters is currently a no-op / i.e. they're ignored but are piped the whole way through for later
- the /profiles endpoint is stubbed, it needs to be improved to list the tests available locally and in the remote store
- the report at the end is a basic pass/fail, it could be much more colourful if we wish/want to extend it out. This was intentional as we're going to be using honeycomb data to see actual trends etc.
- This removes pgbouncer from the route from the application's perspective, which more closely aligns to what we have in Production. I've kept pgbouncer for the test postgres container as I'm worried I'd break the integration tests without it. I'll come back and tidy this up if it looks ok.
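The local-first, remote-fallback lookup described under Prepare, sketched as an added example (not code from this PR or from Bedrock itself). The function names, the `<root>/<recording_id>` and `<remote_base>/<recording_id>` layouts and the placeholder base URL are assumptions; because `recording_id` arrives in a request body and is turned into a path, the sketch validates it before use.

```rust
use std::path::{Path, PathBuf};

// Assumed layout (not taken from the PR): a recording lives at
// <root>/<recording_id> locally and at <remote_base>/<recording_id> remotely.
const MAX_ID_LEN: usize = 64;

#[derive(Debug, PartialEq)]
pub enum RecordingSource {
    /// Found under the local recordings directory (canonical path).
    Local(PathBuf),
    /// Not found locally; this is the URL the caller would fetch next.
    Remote(String),
}

#[derive(Debug, PartialEq)]
pub enum ResolveError {
    /// The id is empty, too long, or contains characters outside [A-Za-z0-9_-].
    InvalidId,
    /// The id resolved (for example through a symlink) outside the root.
    EscapesRoot,
}

/// Allowlist check: the id must start with an ASCII letter or digit and may
/// only contain ASCII letters, digits, '-' and '_'. This rules out path
/// separators, "." and ".." components, and URL metacharacters in one step.
pub fn validate_recording_id(id: &str) -> Result<(), ResolveError> {
    let mut chars = id.chars();
    let first_ok = chars.next().map_or(false, |c| c.is_ascii_alphanumeric());
    let rest_ok = chars.all(|c| c.is_ascii_alphanumeric() || c == '-' || c == '_');
    if first_ok && rest_ok && id.len() <= MAX_ID_LEN {
        Ok(())
    } else {
        Err(ResolveError::InvalidId)
    }
}

/// Resolve a recording: local storage first, remote store as the fallback.
pub fn resolve_recording(
    root: &Path,
    remote_base: &str,
    id: &str,
) -> Result<RecordingSource, ResolveError> {
    validate_recording_id(id)?;

    let candidate = root.join(id);
    if candidate.exists() {
        // canonicalize() follows symlinks, so a link planted inside the
        // recordings directory cannot point the restore at another location.
        let root_real = root.canonicalize().map_err(|_| ResolveError::EscapesRoot)?;
        let real = candidate.canonicalize().map_err(|_| ResolveError::EscapesRoot)?;
        if !real.starts_with(&root_real) {
            return Err(ResolveError::EscapesRoot);
        }
        return Ok(RecordingSource::Local(real));
    }

    // The validated id is the only caller-controlled part of the URL.
    let base = remote_base.trim_end_matches('/');
    Ok(RecordingSource::Remote(format!("{}/{}", base, id)))
}

fn main() {
    // Constructed inputs: the first id is the one used on this page, the
    // other two are malformed ids that must be rejected.
    let root = Path::new("./recordings");
    let base = "https://artifacts.example.invalid/bedrock/datasources"; // placeholder
    for id in ["validating-rebaser", "../si_layer_db", "a/b"] {
        println!("{:?} -> {:?}", id, resolve_recording(root, base, id));
    }
}
```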
Dependency Review
✅ No vulnerabilities or OpenSSF Scorecard issues found.
OpenSSF Scorecard
Scorecard details
| Package | Version | Score | Details |
|---|---|---|---|
| cargo/aws-sdk-acmpca | 1.76.0 | Unknown | Unknown |
| cargo/aws-sdk-s3 | 1.50.0 | Unknown | Unknown |
| cargo/aws-sdk-ssm | 1.79.0 | Unknown | Unknown |
| cargo/aws-sdk-sso | 1.71.0 | Unknown | Unknown |
| cargo/aws-sdk-ssooidc | 1.72.0 | Unknown | Unknown |
| cargo/aws-sdk-sts | 1.72.0 | Unknown | Unknown |
| cargo/aws-smithy-checksums | 0.60.13 | Unknown | Unknown |
| cargo/aws-smithy-eventstream | 0.60.8 | Unknown | Unknown |
| cargo/aws-smithy-http | 0.60.12 | Unknown | Unknown |
| cargo/aws-smithy-json | 0.60.7 | Unknown | Unknown |
| cargo/base16ct | 0.1.1 |
:green_circle: 5.8 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | Code-Review | :green_circle: 7 | Found 17/23 approved changesets -- score normalized to 7 | | Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 | | Packaging | :warning: -1 | packaging workflow not detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Fuzzing | :green_circle: 10 | project is fuzzed | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 8 | 2 existing vulnerabilities detected |
|
| cargo/cc | 1.2.24 |
:green_circle: 6.3 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 8 | Found 11/13 approved changesets -- score normalized to 8 | | Maintained | :green_circle: 10 | 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Security-Policy | :green_circle: 10 | security policy file detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/clap | 4.5.39 |
:green_circle: 5.1 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :green_circle: 10 | 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 | | Packaging | :warning: -1 | packaging workflow not detected | | Code-Review | :warning: 2 | Found 5/20 approved changesets -- score normalized to 2 | | Token-Permissions | :green_circle: 10 | GitHub workflow tokens follow principle of least privilege | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :warning: 1 | 9 existing vulnerabilities detected |
|
| cargo/clap_builder | 4.5.39 |
:green_circle: 5.1 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :green_circle: 10 | 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 | | Packaging | :warning: -1 | packaging workflow not detected | | Code-Review | :warning: 2 | Found 5/20 approved changesets -- score normalized to 2 | | Token-Permissions | :green_circle: 10 | GitHub workflow tokens follow principle of least privilege | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :warning: 1 | 9 existing vulnerabilities detected |
|
| cargo/core-foundation | 0.10.1 |
:green_circle: 5.2 | Details| Check | Score | Reason |
|---|
| Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Code-Review | :green_circle: 10 | all changesets reviewed | | Maintained | :green_circle: 4 | 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 9 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Fuzzing | :warning: 0 | project is not fuzzed | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/crc32c | 0.6.8 |
:green_circle: 4.3 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 4 | Found 12/25 approved changesets -- score normalized to 4 | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :warning: 0 | license file not detected | | Packaging | :green_circle: 10 | packaging workflow detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/crypto-bigint | 0.4.9 |
:green_circle: 5.5 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | Packaging | :warning: -1 | packaging workflow not detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Code-Review | :green_circle: 5 | Found 16/27 approved changesets -- score normalized to 5 | | Maintained | :green_circle: 10 | 27 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/der | 0.6.1 |
:green_circle: 5.8 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | Code-Review | :green_circle: 7 | Found 17/23 approved changesets -- score normalized to 7 | | Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 | | Packaging | :warning: -1 | packaging workflow not detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Fuzzing | :green_circle: 10 | project is fuzzed | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 8 | 2 existing vulnerabilities detected |
|
| cargo/ecdsa | 0.14.8 |
:green_circle: 6 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 9 | Found 27/30 approved changesets -- score normalized to 9 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Packaging | :warning: -1 | packaging workflow not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 9 | 1 existing vulnerabilities detected |
|
| cargo/elliptic-curve | 0.12.3 |
:green_circle: 5.3 | Details| Check | Score | Reason |
|---|
| Maintained | :green_circle: 10 | 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 7 | Found 17/24 approved changesets -- score normalized to 7 | | Security-Policy | :green_circle: 10 | security policy file detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Fuzzing | :warning: 0 | project is not fuzzed | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/ff | 0.12.1 |
:green_circle: 5.1 | Details| Check | Score | Reason |
|---|
| Maintained | :green_circle: 10 | 12 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Code-Review | :green_circle: 8 | Found 8/10 approved changesets -- score normalized to 8 | | Packaging | :warning: -1 | packaging workflow not detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/group | 0.12.1 |
:green_circle: 4.3 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 8 | Found 9/11 approved changesets -- score normalized to 8 | | Maintained | :warning: 2 | 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Packaging | :warning: -1 | packaging workflow not detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | License | :green_circle: 9 | license file detected | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/hyper-rustls | 0.27.6 | Unknown | Unknown |
| cargo/hyper-util | 0.1.13 | Unknown | Unknown |
| cargo/iri-string | 0.7.8 |
:green_circle: 4.1 | Details| Check | Score | Reason |
|---|
| Token-Permissions | :warning: -1 | No tokens found | | Code-Review | :warning: 0 | Found 2/29 approved changesets -- score normalized to 0 | | Packaging | :warning: -1 | packaging workflow not detected | | Maintained | :green_circle: 8 | 9 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8 | | Dangerous-Workflow | :warning: -1 | no workflows found | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: -1 | no dependencies found | | Security-Policy | :warning: 0 | security policy file not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | License | :green_circle: 10 | license file detected | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/libloading | 0.8.8 |
:green_circle: 4.6 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 4 | Found 9/20 approved changesets -- score normalized to 4 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 8 | binaries present in source code | | Maintained | :green_circle: 10 | 10 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | :warning: -1 | packaging workflow not detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/lru | 0.12.5 |
:green_circle: 4.8 | Details| Check | Score | Reason |
|---|
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Maintained | :green_circle: 6 | 8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6 | | Code-Review | :green_circle: 4 | Found 6/14 approved changesets -- score normalized to 4 | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Signed-Releases | :warning: -1 | no releases found |
|
| cargo/mio | 1.0.4 |
:green_circle: 6.9 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Code-Review | :green_circle: 10 | all changesets reviewed | | Maintained | :green_circle: 10 | 9 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :green_circle: 10 | GitHub workflow tokens follow principle of least privilege | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :warning: 0 | security policy file not detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/p256 | 0.11.1 |
:green_circle: 5.5 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | Maintained | :green_circle: 10 | 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 3 | Found 10/30 approved changesets -- score normalized to 3 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Packaging | :warning: -1 | packaging workflow not detected | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/pkcs8 | 0.9.0 |
:green_circle: 5.8 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | Code-Review | :green_circle: 7 | Found 17/23 approved changesets -- score normalized to 7 | | Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 | | Packaging | :warning: -1 | packaging workflow not detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Fuzzing | :green_circle: 10 | project is fuzzed | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 8 | 2 existing vulnerabilities detected |
|
| cargo/reqwest | 0.12.18 |
:green_circle: 5.6 | Details| Check | Score | Reason |
|---|
| Code-Review | :green_circle: 7 | Found 21/30 approved changesets -- score normalized to 7 | | Packaging | :warning: -1 | packaging workflow not detected | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Maintained | :green_circle: 10 | 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
|
| cargo/rfc6979 | 0.3.1 |
:green_circle: 6 | Details| Check | Score | Reason |
|---|
| Security-Policy | :green_circle: 10 | security policy file detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 9 | Found 27/30 approved changesets -- score normalized to 9 | | Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Packaging | :warning: -1 | packaging workflow not detected | | Fuzzing | :warning: 0 | project is not fuzzed | | License | :warning: 0 | license file not detected | | Signed-Releases | :warning: -1 | no releases found | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :green_circle: 9 | 1 existing vulnerabilities detected |
|
| cargo/sea-orm | 1.1.12 | Unknown | Unknown |
| cargo/sea-orm-macros | 1.1.12 | Unknown | Unknown |
| cargo/sea-query | 0.32.6 | Unknown | Unknown |
| cargo/sec1 | 0.3.0 | :green_circle: 5.8 | Details |

| Check | Score | Reason |
|---|---|---|
| Security-Policy | :green_circle: 10 | security policy file detected |
| Code-Review | :green_circle: 7 | Found 17/23 approved changesets -- score normalized to 7 |
| Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 |
| Packaging | :warning: -1 | packaging workflow not detected |
| CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected |
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected |
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo |
| License | :warning: 0 | license file not detected |
| Signed-Releases | :warning: -1 | no releases found |
| Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions |
| Fuzzing | :green_circle: 10 | project is fuzzed |
| Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches |
| SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
| Vulnerabilities | :green_circle: 8 | 2 existing vulnerabilities detected |

| cargo/socket2 | 0.5.10 | :green_circle: 6.6 | Details |

| Check | Score | Reason |
|---|---|---|
| Packaging | :warning: -1 | packaging workflow not detected |
| Code-Review | :green_circle: 10 | all changesets reviewed |
| Maintained | :green_circle: 10 | 9 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 |
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo |
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected |
| Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions |
| CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected |
| Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
| License | :green_circle: 10 | license file detected |
| Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected |
| Fuzzing | :warning: 0 | project is not fuzzed |
| Signed-Releases | :warning: -1 | no releases found |
| Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration |
| Security-Policy | :green_circle: 10 | security policy file detected |
| SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |

| cargo/spki | 0.6.0 | :green_circle: 5.8 | Details |

| Check | Score | Reason |
|---|---|---|
| Security-Policy | :green_circle: 10 | security policy file detected |
| Code-Review | :green_circle: 7 | Found 17/23 approved changesets -- score normalized to 7 |
| Maintained | :green_circle: 10 | 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 |
| Packaging | :warning: -1 | packaging workflow not detected |
| CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected |
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected |
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo |
| License | :warning: 0 | license file not detected |
| Signed-Releases | :warning: -1 | no releases found |
| Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions |
| Fuzzing | :green_circle: 10 | project is fuzzed |
| Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches |
| SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |
| Vulnerabilities | :green_circle: 8 | 2 existing vulnerabilities detected |

| cargo/tokio | 1.45.1 | :green_circle: 8.2 | Details |

| Check | Score | Reason |
|---|---|---|
| Code-Review | :green_circle: 9 | Found 28/30 approved changesets -- score normalized to 9 |
| Security-Policy | :green_circle: 10 | security policy file detected |
| Maintained | :green_circle: 10 | 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 |
| Packaging | :warning: -1 | packaging workflow not detected |
| CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected |
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected |
| License | :green_circle: 10 | license file detected |
| Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected |
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo |
| Token-Permissions | :green_circle: 10 | GitHub workflow tokens follow principle of least privilege |
| Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration |
| Signed-Releases | :warning: -1 | no releases found |
| Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Fuzzing | :green_circle: 10 | project is fuzzed |
| SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |

| cargo/tower-http | 0.6.4 | :green_circle: 5.4 | Details |

| Check | Score | Reason |
|---|---|---|
| Maintained | :green_circle: 10 | 17 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 |
| Code-Review | :green_circle: 9 | Found 26/27 approved changesets -- score normalized to 9 |
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected |
| CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected |
| Binary-Artifacts | :green_circle: 10 | no binaries found in the repo |
| Packaging | :warning: -1 | packaging workflow not detected |
| Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions |
| Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
| Security-Policy | :warning: 0 | security policy file not detected |
| License | :warning: 0 | license file not detected |
| Fuzzing | :warning: 0 | project is not fuzzed |
| Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected |
| Signed-Releases | :warning: -1 | no releases found |
| Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration |
| SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 |

Scanned Files
Okay, starting a try! I'll update this comment once it's running...
🚀 Try running here! 🚀