{"id":34560,"name":"publications","description":"Publications from Trail of Bits","url":"https://github.com/trailofbits/publications","last_synced_at":"2025-09-05T06:17:27.239Z","repository":{"id":31252453,"uuid":"34814001","full_name":"trailofbits/publications","owner":"trailofbits","description":"Publications from Trail of Bits","archived":false,"fork":false,"pushed_at":"2025-08-27T02:22:48.000Z","size":907135,"stargazers_count":1636,"open_issues_count":11,"forks_count":200,"subscribers_count":140,"default_branch":"master","last_synced_at":"2025-08-27T10:55:10.003Z","etag":null,"topics":["academic-papers","conference-presentations","security-reviews"],"latest_commit_sha":null,"homepage":"https://www.trailofbits.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trailofbits.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"citation_guidelines.pdf","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-04-29T19:30:25.000Z","updated_at":"2025-08-26T14:58:43.000Z","dependencies_parsed_at":"2023-02-14T01:45:37.491Z","dependency_job_id":"887c7d44-5ece-4868-a13f-242b24b36b50","html_url":"https://github.com/trailofbits/publications","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/trailofbits/publications","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trailofbits","download_url":"https://codeload.github.com/trailofbits/publications/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/sbom","scorecard":{"id":896649,"data":{"date":"2025-08-11","repo":{"name":"github.com/trailofbits/publications","commit":"360838ec9e821b057b2035fc275665147b3f3405"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7.3,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":8,"reason":"Found 9/11 approved changesets -- score normalized to 8","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/claude-code-review.yml:23","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/claude-code-review.yml:24","Info: jobLevel 'issues' permission set to 'read': .github/workflows/claude-code-review.yml:25","Info: jobLevel 'contents' permission set to 'read': .github/workflows/claude.yml:22","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/claude.yml:23","Info: jobLevel 'issues' permission set to 'read': .github/workflows/claude.yml:24","Info: jobLevel 'actions' permission set to 'read': .github/workflows/claude.yml:26","Warn: no topLevel permission defined: .github/workflows/claude-code-review.yml:1","Warn: no topLevel permission defined: .github/workflows/claude.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Creative Commons Attribution Share Alike 4.0 International: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/trailofbits/.github/SECURITY.md:1","Info: Found linked content: github.com/trailofbits/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/trailofbits/.github/SECURITY.md:1","Info: Found text in security policy: github.com/trailofbits/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude-code-review.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/trailofbits/publications/claude-code-review.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude-code-review.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/trailofbits/publications/claude-code-review.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/trailofbits/publications/claude.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/trailofbits/publications/claude.yml/master?enable=pin","Warn: containerImage not pinned by hash: disclosures/CVE-2022-35737/Dockerfile:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8feb4d8ca5354def3d8fce243717141ce31e2c428701f6682bd2fafe15388214","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-24T13:57:56.145Z","repository_id":31252453,"created_at":"2025-08-24T13:57:56.145Z","updated_at":"2025-08-24T13:57:56.145Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273719541,"owners_count":25155733,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"trailofbits","name":"Trail of Bits","uuid":"2314423","kind":"organization","description":"More code: binary lifters @lifting-bits, blockchain @crytic, forks @trail-of-forks ","email":"opensource@trailofbits.com","website":"https://www.trailofbits.com","location":"New York, New York","twitter":"trailofbits","company":null,"icon_url":"https://avatars.githubusercontent.com/u/2314423?v=4","repositories_count":125,"last_synced_at":"2023-03-29T03:19:56.075Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/trailofbits","funding_links":[],"total_stars":null,"followers":null,"following":null,"created_at":"2022-11-04T04:22:54.571Z","updated_at":"2023-03-29T03:19:56.394Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trailofbits","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trailofbits/repositories"},"packages":[],"commits":{"id":1779214,"full_name":"trailofbits/publications","default_branch":"master","committers":[{"name":"Dan Guido","email":"dan@trailofbits.com","login":"dguido","count":285},{"name":"Carampearson","email":"49884244+Carampearson","login":"Carampearson","count":84},{"name":"Anne Marie Barry","email":"102610830+annemariebarry","login":"annemariebarry","count":66},{"name":"jeffbraswell","email":"119971338+jeffbraswell","login":"jeffbraswell","count":50},{"name":"sfmiller1","email":"106836294+sfmiller1","login":"sfmiller1","count":46},{"name":"William Woodruff","email":"william@trailofbits.com","login":"woodruffw","count":32},{"name":"le-miorcec","email":"86668775+le-miorcec","login":"le-miorcec","count":28},{"name":"Chris Dahlheimer","email":"39488717+cdahlheimer","login":"cdahlheimer","count":27},{"name":"Josselin","email":"josselin@trailofbits.com","login":"montyly","count":21},{"name":"hwomackToB","email":"150697619+hwomackToB","login":"hwomackToB","count":18},{"name":"Travis Peters","email":"traviswp@gmail.com","login":"traviswpeters","count":15},{"name":"Gustavo Grieco","email":"31542053+ggrieco-tob","login":"ggrieco-tob","count":12},{"name":"agroce","email":"agroce@gmail.com","login":"agroce","count":10},{"name":"james-miller-93","email":"36123045+james-miller-93","login":"james-miller-93","count":9},{"name":"Greg Otto","email":"gregory.otto@trailofbits.com","login":"gregotto","count":9},{"name":"Evan Sultanik","email":"evan.sultanik@trailofbits.com","login":"ESultanik","count":8},{"name":"Mike Myers","email":"30631532+mike-myers-tob","login":"mike-myers-tob","count":7},{"name":"Sophia M D'Antoine","email":"smdantoine@gmail.com","login":"quend","count":7},{"name":"Sai","email":"svv232@nyu.edu","login":"svv232","count":6},{"name":"Loji, la struto de melankolio","email":"saedwards.ecc@gmail.com","login":"lojikil","count":5},{"name":"Tjaden Hess","email":"tjade273@gmail.com","login":"tjade273","count":5},{"name":"Nat Chin","email":"natalie.chin@trailofbits.com","login":null,"count":5},{"name":"Michael Colburn","email":"michael.colburn@trailofbits.com","login":null,"count":5},{"name":"Mark Mossberg","email":"mark@trailofbits.com","login":"offlinemark","count":4},{"name":"Kelly Kaoudis","email":"kelly.kaoudis@trailofbits.com","login":"kaoudis","count":4},{"name":"Michael D Brown","email":"michael.brown@trailofbits.com","login":"michaelbrownuc","count":4},{"name":"Peter Goodman","email":"peter@trailofbits.com","login":"pgoodman","count":4},{"name":"Ryan Stortz","email":"ryan@trailofbits.com","login":null,"count":3},{"name":"2over12","email":"ian.smith@trailofbits.com","login":"2over12","count":3},{"name":"Andrew Pan","email":"andrew.pan@trailofbits.com","login":"tnytown","count":3},{"name":"alpharush","email":"0xalpharush@protonmail.com","login":"0xalpharush","count":3},{"name":"Max Ammann","email":"max@maxammann.org","login":"maxammann","count":3},{"name":"Suha Sabi Hussain","email":"suha.hussain@trailofbits.com","login":"suhacker1","count":2},{"name":"Scott Arciszewski","email":"147527775+tob-scott-a","login":"tob-scott-a","count":2},{"name":"Paul Kehrer","email":"paul.l.kehrer@gmail.com","login":"reaperhulk","count":2},{"name":"Fredrik Dahlgren","email":"fredrik.dahlgren@trailofbits.com","login":"fegge","count":2},{"name":"Ben Perez","email":"benperez1227@gmail.com","login":"blperez01","count":2},{"name":"Ben Kunkel","email":"58575163+bnknkl","login":"bnknkl","count":2},{"name":"Will Song","email":"incertia","login":"incertia","count":2},{"name":"feliam","email":"felipe.andres.manzano@gmail.com","login":"feliam","count":2},{"name":"mschwager","email":"mschwager","login":"mschwager","count":2},{"name":"Michael Colburn","email":"mc@michaelcolburn.com","login":"mgcolburn","count":1},{"name":"Rory M","email":"roddux@gmail.com","login":"roddux","count":1},{"name":"Ryan Stortz","email":"withzombies","login":"withzombies","count":1},{"name":"Samuel Moelius","email":"35515885+smoelius","login":"smoelius","count":1},{"name":"Simone","email":"79767264+smonicas","login":"smonicas","count":1},{"name":"Trent Brunson","email":"trent.brunson@trailofbits.com","login":"tn3rt","count":1},{"name":"andreas","email":"andreas@wunused.com","login":"wunused","count":1},{"name":"artemdinaburg","email":"artem@dinaburg.org","login":"artemdinaburg","count":1},{"name":"atravers","email":"26422294+alkaet","login":"alkaet","count":1},{"name":"dvaliant","email":"31522684+dvaliant","login":"dvaliant","count":1},{"name":"hacker-DOM","email":"dteiml@gmail.com","login":"hacker-DOM","count":1},{"name":"nisedo","email":"73041332+nisedo","login":"nisedo","count":1},{"name":"Josh Watson","email":"josh@trailofbits.com","login":null,"count":1},{"name":"Eric Hennenfent","email":"eric.hennenfent@trailofbits.com","login":null,"count":1},{"name":"roleengineer","email":"35062472+roleengineer","login":"roleengineer","count":1},{"name":"snd","email":"kruemaxi@gmail.com","login":"snd","count":1},{"name":"Artur Cygan","email":"artur.cygan@trailofbits.com","login":"arcz","count":1},{"name":"Chris Evans","email":"chris.evans93@gmail.com","login":"perks","count":1},{"name":"David Pokora","email":"dpokora@gmail.com","login":"Xenomega","count":1},{"name":"Disconnect3d","email":"disconnect3d@trailofbits.com","login":"disconnect3d","count":1},{"name":"Emilio López","email":"2642849+elopez","login":"elopez","count":1},{"name":"Filipe Casal","email":"fcasal","login":"fcasal","count":1},{"name":"Heidy Khlaaf","email":"heidyk9@gmail.com","login":"hkhlaaf","count":1},{"name":"Henrich Lauko","email":"xlauko@mail.muni.cz","login":"xlauko","count":1},{"name":"JP Smith","email":"jp@writes.co.de","login":"japesinator","count":1},{"name":"James Olds","email":"oldsj","login":"oldsj","count":1},{"name":"Jay Little","email":"computerality","login":"computerality","count":1},{"name":"Lisa Overall","email":"11458176+lisaoverall","login":"lisaoverall","count":1},{"name":"MacLane S Wilkison","email":"maclane@nucypher.com","login":"mswilkison","count":1},{"name":"yardenshafir","email":"yardenshafir2@gmail.com","login":"yardenshafir","count":1},{"name":"Maciej Domanski","email":"38883201+ahpaleus","login":"ahpaleus","count":1},{"name":"Marc Ilunga","email":"marcilu@student.ethz.ch","login":"MarcIlunga","count":1},{"name":"yan","email":"rottled@gmail.com","login":"yan","count":1}],"total_commits":842,"total_committers":74,"total_bot_commits":0,"total_bot_committers":0,"mean_commits":11.378378378378379,"dds":0.661520190023753,"past_year_committers":[{"name":"sfmiller1","email":"106836294+sfmiller1","login":"sfmiller1","count":46},{"name":"jeffbraswell","email":"119971338+jeffbraswell","login":"jeffbraswell","count":38},{"name":"le-miorcec","email":"86668775+le-miorcec","login":"le-miorcec","count":28},{"name":"Anne Marie Barry","email":"102610830+annemariebarry","login":"annemariebarry","count":19},{"name":"hwomackToB","email":"150697619+hwomackToB","login":"hwomackToB","count":18},{"name":"William Woodruff","email":"william@trailofbits.com","login":"woodruffw","count":13},{"name":"Tjaden Hess","email":"tjade273@gmail.com","login":"tjade273","count":4},{"name":"2over12","email":"ian.smith@trailofbits.com","login":"2over12","count":3},{"name":"Fredrik Dahlgren","email":"fredrik.dahlgren@trailofbits.com","login":"fegge","count":2},{"name":"Suha Sabi Hussain","email":"suha.hussain@trailofbits.com","login":"suhacker1","count":2},{"name":"mschwager","email":"mschwager","login":"mschwager","count":2},{"name":"Chris Dahlheimer","email":"39488717+cdahlheimer","login":"cdahlheimer","count":2},{"name":"Dan Guido","email":"dan@trailofbits.com","login":"dguido","count":1},{"name":"Henrich Lauko","email":"xlauko@mail.muni.cz","login":"xlauko","count":1},{"name":"Kelly Kaoudis","email":"kelly.kaoudis@trailofbits.com","login":"kaoudis","count":1},{"name":"Max Ammann","email":"max@maxammann.org","login":"maxammann","count":1},{"name":"Michael D Brown","email":"michael.brown@trailofbits.com","login":"michaelbrownuc","count":1},{"name":"Samuel Moelius","email":"35515885+smoelius","login":"smoelius","count":1},{"name":"Scott Arciszewski","email":"147527775+tob-scott-a","login":"tob-scott-a","count":1},{"name":"Simone","email":"79767264+smonicas","login":"smonicas","count":1},{"name":"alpharush","email":"0xalpharush@protonmail.com","login":"0xalpharush","count":1},{"name":"atravers","email":"26422294+alkaet","login":"alkaet","count":1},{"name":"james-miller-93","email":"36123045+james-miller-93","login":"james-miller-93","count":1},{"name":"nisedo","email":"73041332+nisedo","login":"nisedo","count":1}],"past_year_total_commits":189,"past_year_total_committers":24,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":7.875,"past_year_dds":0.7566137566137566,"last_synced_at":"2025-04-07T04:19:57.323Z","last_synced_commit":"d3c8ba63fe3b2ff1d3868ec674e23583a26a397b","created_at":"2024-09-20T17:52:51.867Z","updated_at":"2025-04-07T04:20:17.278Z","commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2025-09-05T00:00:10.343Z","repositories_count":5480019,"commits_count":853389012,"contributors_count":31098138,"owners_count":906558,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues_stats":{"full_name":"trailofbits/publications","html_url":"https://github.com/trailofbits/publications","last_synced_at":"2025-09-02T23:43:47.418Z","status":null,"issues_count":13,"pull_requests_count":383,"avg_time_to_close_issue":901802.2,"avg_time_to_close_pull_request":505973.4704142012,"issues_closed_count":5,"pull_requests_closed_count":338,"pull_request_authors_count":32,"issue_authors_count":12,"avg_comments_per_issue":0.38461538461538464,"avg_comments_per_pull_request":0.38642297650130547,"merged_pull_requests_count":302,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":8,"past_year_pull_requests_count":234,"past_year_avg_time_to_close_issue":69650.5,"past_year_avg_time_to_close_pull_request":204258.8743718593,"past_year_issues_closed_count":4,"past_year_pull_requests_closed_count":199,"past_year_pull_request_authors_count":17,"past_year_issue_authors_count":8,"past_year_avg_comments_per_issue":0.375,"past_year_avg_comments_per_pull_request":0.5683760683760684,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":171,"created_at":"2024-09-20T17:52:52.035Z","updated_at":"2025-09-03T06:14:25.021Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/trailofbits%2Fpublications/issues","issue_labels_count":{},"pull_request_labels_count":{},"issue_author_associations_count":{"COLLABORATOR":11,"NONE":7,"MEMBER":3,"CONTRIBUTOR":3},"pull_request_author_associations_count":{"CONTRIBUTOR":296,"MEMBER":52,"COLLABORATOR":28,"NONE":17},"issue_authors":{"heather-hickok":12,"dguido":2,"somera":1,"woodruffw":1,"sfmiller1":1,"killers10":1,"Cris8308316R2":1,"starixapp":1,"GangGreenTemperTatum":1,"shipper96":1,"suhacker1":1,"montyly":1},"pull_request_authors":{"sfmiller1":85,"le-miorcec":54,"annemariebarry":53,"jeffbraswell":52,"hwomackToB":43,"woodruffw":27,"dguido":8,"maxammann":6,"tjade273":6,"cdahlheimer":6,"fegge":6,"tob-scott-a":4,"2over12":4,"mschwager":4,"nisedo":4,"kaoudis":3,"smoelius":2,"xlauko":2,"TOB-Mike":2,"Dahka2321":2,"0xicingdeath":2,"smonicas":2,"dykstra10":2,"DarkaMaul":2,"alkaet":2,"michaelbrownuc":2,"montyly":2,"james-miller-93":2,"0xalpharush":1,"sangshanrupesh":1,"intensodefi":1,"suhacker1":1},"host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2025-09-03T00:00:08.273Z","repositories_count":10062711,"issues_count":31088333,"pull_requests_count":94455969,"authors_count":10686469,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"},"past_year_issue_labels_count":{},"past_year_pull_request_labels_count":{},"past_year_issue_author_associations_count":{"COLLABORATOR":11,"NONE":6,"CONTRIBUTOR":2},"past_year_pull_request_author_associations_count":{"CONTRIBUTOR":179,"COLLABORATOR":28,"MEMBER":26,"NONE":11},"past_year_issue_authors":{"heather-hickok":12,"Cris8308316R2":1,"GangGreenTemperTatum":1,"killers10":1,"sfmiller1":1,"somera":1,"starixapp":1,"suhacker1":1},"past_year_pull_request_authors":{"sfmiller1":85,"le-miorcec":54,"hwomackToB":32,"jeffbraswell":18,"woodruffw":18,"fegge":6,"dguido":6,"cdahlheimer":5,"nisedo":4,"2over12":4,"tjade273":2,"TOB-Mike":2,"DarkaMaul":2,"Dahka2321":2,"dykstra10":2,"intensodefi":1,"sangshanrupesh":1},"maintainers":[{"login":"woodruffw","count":28,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/woodruffw"},{"login":"hwomackToB","count":26,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/hwomackToB"},{"login":"heather-hickok","count":11,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/heather-hickok"},{"login":"dguido","count":10,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dguido"},{"login":"tjade273","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/tjade273"},{"login":"mschwager","count":4,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/mschwager"},{"login":"maxammann","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/maxammann"},{"login":"TOB-Mike","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/TOB-Mike"},{"login":"xlauko","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xlauko"},{"login":"montyly","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/montyly"}],"active_maintainers":[{"login":"hwomackToB","count":26,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/hwomackToB"},{"login":"woodruffw","count":18,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/woodruffw"},{"login":"heather-hickok","count":11,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/heather-hickok"},{"login":"dguido","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dguido"},{"login":"TOB-Mike","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/TOB-Mike"},{"login":"tjade273","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/tjade273"}]},"events":{"total":{"CreateEvent":115,"CommitCommentEvent":1,"IssuesEvent":18,"WatchEvent":165,"DeleteEvent":110,"MemberEvent":2,"IssueCommentEvent":108,"PushEvent":309,"PullRequestReviewCommentEvent":3,"PullRequestReviewEvent":95,"PullRequestEvent":232,"ForkEvent":19},"last_year":{"CreateEvent":115,"CommitCommentEvent":1,"IssuesEvent":18,"WatchEvent":165,"DeleteEvent":110,"MemberEvent":2,"IssueCommentEvent":108,"PushEvent":309,"PullRequestReviewCommentEvent":3,"PullRequestReviewEvent":95,"PullRequestEvent":232,"ForkEvent":19}},"keywords":["academic-papers","conference-presentations","security-reviews"],"dependencies":[{"ecosystem":"docker","filepath":"disclosures/CVE-2022-35737/Dockerfile","sha":null,"kind":"manifest","created_at":"2023-01-14T18:45:29.499Z","updated_at":"2023-01-14T18:45:29.499Z","repository_link":"https://github.com/trailofbits/publications/blob/master/disclosures/CVE-2022-35737/Dockerfile","dependencies":[{"id":6903925864,"package_name":"ubuntu","ecosystem":"docker","requirements":"20.04","direct":true,"kind":"build","optional":false}]}],"score":11.71077582338181,"created_at":"2025-09-04T15:51:07.955Z","updated_at":"2025-10-07T08:14:27.147Z","avatar_url":"https://github.com/trailofbits.png","language":"Python","category":null,"sub_category":null,"monthly_downloads":0,"funding_links":[],"readme_doi_urls":[],"works":{},"citation_counts":{},"total_citations":0,"keywords_from_contributors":["solidity","vulnerability-detection","graph-algorithms"],"project_url":"https://science.ecosyste.ms/api/v1/projects/34560","html_url":"https://science.ecosyste.ms/projects/34560"}