{"id":4469,"name":"treemap","description":"🍬 Pretty Treemaps","url":"https://github.com/nikolaydubina/treemap","last_synced_at":"2025-09-08T11:19:50.630Z","repository":{"id":40737066,"uuid":"434580767","full_name":"nikolaydubina/treemap","owner":"nikolaydubina","description":"🍬 Pretty Treemaps","archived":false,"fork":false,"pushed_at":"2025-03-04T13:05:21.000Z","size":6168,"stargazers_count":167,"open_issues_count":11,"forks_count":2,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-09-04T22:46:45.090Z","etag":null,"topics":["command-line-tool","data-visualization","graph","heatmap","tree"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nikolaydubina.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"nikolaydubina"}},"created_at":"2021-12-03T12:01:16.000Z","updated_at":"2025-08-16T02:12:26.000Z","dependencies_parsed_at":"2024-01-15T15:44:25.915Z","dependency_job_id":"11530000-13d6-445d-93c5-69bed8976838","html_url":"https://github.com/nikolaydubina/treemap","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/nikolaydubina/treemap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina","download_url":"https://codeload.github.com/nikolaydubina/treemap/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/sbom","scorecard":{"id":687616,"data":{"date":"2024-11-25T02:12:33Z","repo":{"name":"github.com/nikolaydubina/treemap","commit":"7b90a5aa6a50c9b876596c585dca0432b6bea52d"},"scorecard":{"version":"v4.13.1","commit":"49c0eed3a423f00c872b5c3c9f1bbca9e8aae799"},"score":6.3,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'force pushes' disabled on branch 'main'","Info: 'allow deletion' disabled on branch 'main'","Info: status checks require up-to-date branches for 'main'","Info: 'last push approval' enabled on branch 'main'","Info: status check found to merge onto on branch 'main'","Warn: number of required reviewers is only 1 on branch 'main'","Info: stale review dismissal enabled on branch 'main'","Warn: settings do not apply to administrators on branch 'main'","Warn: codeowner review is not required on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":1,"reason":"1 out of 6 merged PRs checked by a CI test -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":2,"reason":"found 15 unreviewed changesets out of 19 -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#code-review"}},{"name":"Contributors","score":10,"reason":"4 different organizations found -- score normalized to 10","details":["Info: contributors work for finam-ufz,helmholtz-ufz   @finam-ufz,ndx-technologies,open-neuroscience-foundation"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: tool 'Dependabot' is used: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project:\nQuickCheck: https://hackage.haskell.org/package/QuickCheck\nhedgehog: https://hedgehog.qa/\nvalidity: https://github.com/NorfairKing/validity\nsmallcheck: https://hackage.haskell.org/package/smallcheck\nhspec: https://hspec.github.io/\ntasty: https://hackage.haskell.org/package/tasty (High effort)","Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)","Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#fuzzing"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: License file found in expected location: LICENSE:1","Warn: Any licence detected not an FSF or OSI recognized license: LICENSE:1"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#license"}},{"name":"Maintained","score":0,"reason":"0 commit(s) out of 30 and 0 issue activity out of 20 found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"no published package detected","details":["Warn: no GitHub/GitLab publishing workflow detected"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/scorecard.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/scorecard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: goCommand not pinned by hash: .github/workflows/tests.yml:28","Info:   3 out of   5 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned","Info:   1 out of   2 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool","Warn: CodeQL tool not detected"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#sast"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy: On GitHub:\nEnable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository\nAdd a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities.\nOn GitLab:\nAdd a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project.\nExamples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":["Warn: no GitHub releases found"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18","Info: topLevel permissions set to 'read-all': .github/workflows/tests.yml:9","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":10,"reason":"no vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T01:21:45.800Z","repository_id":40737066,"created_at":"2025-08-22T01:21:45.800Z","updated_at":"2025-08-22T01:21:45.800Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274174523,"owners_count":25235262,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-08T02:00:09.813Z","response_time":121,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"nikolaydubina","name":"Nikolay Dubina","uuid":"2933061","kind":"user","description":"","email":"","website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/2933061?u=0e4587b0e19602c071c93e740a5b2340afdc9d47\u0026v=4","repositories_count":92,"last_synced_at":"2025-09-02T08:44:46.883Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/nikolaydubina","funding_links":["https://github.com/sponsors/nikolaydubina"],"total_stars":7247,"followers":315,"following":45,"created_at":"2022-11-13T05:15:24.549Z","updated_at":"2025-09-02T08:44:46.883Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina/repositories"},"packages":[{"id":4184903,"name":"github.com/nikolaydubina/treemap","ecosystem":"go","description":"","homepage":"https://github.com/nikolaydubina/treemap","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/nikolaydubina/treemap","keywords_array":[],"namespace":"github.com/nikolaydubina","versions_count":11,"first_release_published_at":"2021-12-04T19:47:16.000Z","latest_release_published_at":"2024-03-21T12:24:49.000Z","latest_release_number":"v1.2.5","last_synced_at":"2025-09-04T17:23:39.457Z","created_at":"2022-04-12T19:29:25.496Z","updated_at":"2025-09-05T12:56:43.225Z","registry_url":"https://pkg.go.dev/github.com/nikolaydubina/treemap","install_command":"go get github.com/nikolaydubina/treemap","documentation_url":"https://pkg.go.dev/github.com/nikolaydubina/treemap#section-documentation","metadata":{},"repo_metadata":{"id":40737066,"uuid":"434580767","full_name":"nikolaydubina/treemap","owner":"nikolaydubina","description":"🍬 Pretty Treemaps","archived":false,"fork":false,"pushed_at":"2025-03-04T13:05:21.000Z","size":6168,"stargazers_count":167,"open_issues_count":11,"forks_count":2,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-09-04T22:46:45.090Z","etag":null,"topics":["command-line-tool","data-visualization","graph","heatmap","tree"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nikolaydubina.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"nikolaydubina"}},"created_at":"2021-12-03T12:01:16.000Z","updated_at":"2025-08-16T02:12:26.000Z","dependencies_parsed_at":"2024-01-15T15:44:25.915Z","dependency_job_id":"11530000-13d6-445d-93c5-69bed8976838","html_url":"https://github.com/nikolaydubina/treemap","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/nikolaydubina/treemap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina","download_url":"https://codeload.github.com/nikolaydubina/treemap/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/sbom","scorecard":{"id":687616,"data":{"date":"2024-11-25T02:12:33Z","repo":{"name":"github.com/nikolaydubina/treemap","commit":"7b90a5aa6a50c9b876596c585dca0432b6bea52d"},"scorecard":{"version":"v4.13.1","commit":"49c0eed3a423f00c872b5c3c9f1bbca9e8aae799"},"score":6.3,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'force pushes' disabled on branch 'main'","Info: 'allow deletion' disabled on branch 'main'","Info: status checks require up-to-date branches for 'main'","Info: 'last push approval' enabled on branch 'main'","Info: status check found to merge onto on branch 'main'","Warn: number of required reviewers is only 1 on branch 'main'","Info: stale review dismissal enabled on branch 'main'","Warn: settings do not apply to administrators on branch 'main'","Warn: codeowner review is not required on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":1,"reason":"1 out of 6 merged PRs checked by a CI test -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":2,"reason":"found 15 unreviewed changesets out of 19 -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#code-review"}},{"name":"Contributors","score":10,"reason":"4 different organizations found -- score normalized to 10","details":["Info: contributors work for finam-ufz,helmholtz-ufz   @finam-ufz,ndx-technologies,open-neuroscience-foundation"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: tool 'Dependabot' is used: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project:\nQuickCheck: https://hackage.haskell.org/package/QuickCheck\nhedgehog: https://hedgehog.qa/\nvalidity: https://github.com/NorfairKing/validity\nsmallcheck: https://hackage.haskell.org/package/smallcheck\nhspec: https://hspec.github.io/\ntasty: https://hackage.haskell.org/package/tasty (High effort)","Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)","Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#fuzzing"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: License file found in expected location: LICENSE:1","Warn: Any licence detected not an FSF or OSI recognized license: LICENSE:1"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#license"}},{"name":"Maintained","score":0,"reason":"0 commit(s) out of 30 and 0 issue activity out of 20 found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"no published package detected","details":["Warn: no GitHub/GitLab publishing workflow detected"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/scorecard.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/scorecard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nikolaydubina/treemap/tests.yml/main?enable=pin","Warn: goCommand not pinned by hash: .github/workflows/tests.yml:28","Info:   3 out of   5 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned","Info:   1 out of   2 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 17 are checked with a SAST tool","Warn: CodeQL tool not detected"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#sast"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy: On GitHub:\nEnable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository\nAdd a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities.\nOn GitLab:\nAdd a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project.\nExamples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":["Warn: no GitHub releases found"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18","Info: topLevel permissions set to 'read-all': .github/workflows/tests.yml:9","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":10,"reason":"no vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T01:21:45.800Z","repository_id":40737066,"created_at":"2025-08-22T01:21:45.800Z","updated_at":"2025-08-22T01:21:45.800Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273760982,"owners_count":25163179,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"nikolaydubina","name":"Nikolay Dubina","uuid":"2933061","kind":"user","description":"","email":"","website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/2933061?u=0e4587b0e19602c071c93e740a5b2340afdc9d47\u0026v=4","repositories_count":92,"last_synced_at":"2025-09-02T08:44:46.883Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/nikolaydubina","funding_links":["https://github.com/sponsors/nikolaydubina"],"total_stars":7247,"followers":315,"following":45,"created_at":"2022-11-13T05:15:24.549Z","updated_at":"2025-09-02T08:44:46.883Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nikolaydubina/repositories"},"tags":[]},"repo_metadata_updated_at":"2025-09-05T12:56:43.225Z","dependent_packages_count":7,"downloads":null,"downloads_period":null,"dependent_repos_count":5,"rankings":{"downloads":null,"dependent_repos_count":2.2870515137363197,"dependent_packages_count":2.0233913378951853,"stargazers_count":4.389023127373145,"forks_count":11.101443684135718,"docker_downloads_count":null,"average":4.950227415785092},"purl":"pkg:golang/github.com/nikolaydubina/treemap","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/nikolaydubina/treemap","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/nikolaydubina/treemap","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/nikolaydubina/treemap/dependencies","status":null,"funding_links":["https://github.com/sponsors/nikolaydubina"],"critical":null,"issue_metadata":{"last_synced_at":"2025-05-24T12:06:23.429Z","issues_count":21,"pull_requests_count":12,"avg_time_to_close_issue":121321.9,"avg_time_to_close_pull_request":35327.333333333336,"issues_closed_count":10,"pull_requests_closed_count":12,"pull_request_authors_count":3,"issue_authors_count":5,"avg_comments_per_issue":0.9047619047619048,"avg_comments_per_pull_request":1.4166666666666667,"merged_pull_requests_count":11,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":1,"past_year_pull_requests_count":1,"past_year_avg_time_to_close_issue":174610.0,"past_year_avg_time_to_close_pull_request":645.0,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":1,"past_year_pull_request_authors_count":1,"past_year_issue_authors_count":1,"past_year_avg_comments_per_issue":3.0,"past_year_avg_comments_per_pull_request":0.0,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":1,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/issues","maintainers":[{"login":"nikolaydubina","count":21,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/nikolaydubina"}],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fnikolaydubina%2Ftreemap/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fnikolaydubina%2Ftreemap/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fnikolaydubina%2Ftreemap/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fnikolaydubina%2Ftreemap/related_packages","maintainers":[],"registry":{"name":"proxy.golang.org","url":"https://proxy.golang.org","ecosystem":"go","default":true,"packages_count":1953623,"maintainers_count":0,"namespaces_count":741771,"keywords_count":109320,"github":"golang","metadata":{"funded_packages_count":49342},"icon_url":"https://github.com/golang.png","created_at":"2022-04-04T15:19:22.939Z","updated_at":"2025-09-08T05:47:38.872Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/namespaces"}}],"commits":{"id":2147017,"full_name":"nikolaydubina/treemap","default_branch":"main","committers":[{"name":"Nikolay","email":"nikolay.dubina.pub@gmail.com","login":"nikolaydubina","count":76},{"name":"mlange-42","email":"martin_lange_@gmx.net","login":"mlange-42","count":9},{"name":"Gilbert Ramirez","email":"gram@alumni.rice.edu","login":"gilramir","count":1}],"total_commits":86,"total_committers":3,"total_bot_commits":0,"total_bot_committers":0,"mean_commits":28.666666666666668,"dds":0.11627906976744184,"past_year_committers":[{"name":"Nikolay Dubina","email":"nikolay.dubina.pub@gmail.com","login":"nikolaydubina","count":1},{"name":"Gilbert Ramirez","email":"gram@alumni.rice.edu","login":"gilramir","count":1}],"past_year_total_commits":2,"past_year_total_committers":2,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":1.0,"past_year_dds":0.5,"last_synced_at":"2025-05-20T00:02:13.786Z","last_synced_commit":"1c259fb2761d78dd7d6af7930829a23cc2285bb0","created_at":"2024-10-03T10:50:05.628Z","updated_at":"2025-05-20T00:02:16.838Z","commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2025-09-08T00:00:16.827Z","repositories_count":5481894,"commits_count":853757651,"contributors_count":31102505,"owners_count":907434,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues_stats":{"full_name":"nikolaydubina/treemap","html_url":"https://github.com/nikolaydubina/treemap","last_synced_at":"2025-05-24T12:06:23.429Z","status":null,"issues_count":21,"pull_requests_count":12,"avg_time_to_close_issue":121321.9,"avg_time_to_close_pull_request":35327.333333333336,"issues_closed_count":10,"pull_requests_closed_count":12,"pull_request_authors_count":3,"issue_authors_count":5,"avg_comments_per_issue":0.9047619047619048,"avg_comments_per_pull_request":1.4166666666666667,"merged_pull_requests_count":11,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":1,"past_year_pull_requests_count":1,"past_year_avg_time_to_close_issue":174610.0,"past_year_avg_time_to_close_pull_request":645.0,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":1,"past_year_pull_request_authors_count":1,"past_year_issue_authors_count":1,"past_year_avg_comments_per_issue":3.0,"past_year_avg_comments_per_pull_request":0.0,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":1,"created_at":"2023-05-17T07:39:14.690Z","updated_at":"2025-09-01T06:46:59.154Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/nikolaydubina%2Ftreemap/issues","issue_labels_count":{"enhancement":8,"bug":3,"refactoring":1,"good first issue":1,"documentation":1,"performance":1},"pull_request_labels_count":{"enhancement":2},"issue_author_associations_count":{"OWNER":14,"CONTRIBUTOR":5,"NONE":2},"pull_request_author_associations_count":{"OWNER":7,"CONTRIBUTOR":6,"NONE":1},"issue_authors":{"nikolaydubina":14,"mlange-42":4,"michaelsanford":1,"gilramir":1,"keith6014":1},"pull_request_authors":{"nikolaydubina":7,"mlange-42":5,"gilramir":2},"host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2025-09-06T00:00:15.144Z","repositories_count":10122615,"issues_count":31721744,"pull_requests_count":98828394,"authors_count":10710967,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"},"past_year_issue_labels_count":{},"past_year_pull_request_labels_count":{},"past_year_issue_author_associations_count":{"CONTRIBUTOR":1},"past_year_pull_request_author_associations_count":{"NONE":1,"CONTRIBUTOR":1},"past_year_issue_authors":{"gilramir":1},"past_year_pull_request_authors":{"gilramir":2},"maintainers":[{"login":"nikolaydubina","count":21,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/nikolaydubina"}],"active_maintainers":[]},"events":{"total":{"IssuesEvent":2,"WatchEvent":14,"IssueCommentEvent":3,"PushEvent":1,"PullRequestReviewEvent":1,"PullRequestEvent":2,"ForkEvent":2},"last_year":{"IssuesEvent":2,"WatchEvent":14,"IssueCommentEvent":3,"PushEvent":1,"PullRequestReviewEvent":1,"PullRequestEvent":2,"ForkEvent":2}},"keywords":["command-line-tool","data-visualization","graph","heatmap","tree"],"dependencies":[{"ecosystem":"go","filepath":"go.mod","sha":null,"kind":"manifest","created_at":"2022-08-19T23:20:09.880Z","updated_at":"2022-08-19T23:20:09.880Z","repository_link":"https://github.com/nikolaydubina/treemap/blob/main/go.mod","dependencies":[{"id":2098017503,"package_name":"github.com/lucasb-eyer/go-colorful","ecosystem":"go","requirements":"v1.2.0","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"go","filepath":"go.sum","sha":null,"kind":"lockfile","created_at":"2022-08-19T23:20:09.981Z","updated_at":"2022-08-19T23:20:09.981Z","repository_link":"https://github.com/nikolaydubina/treemap/blob/main/go.sum","dependencies":[{"id":2098018339,"package_name":"github.com/lucasb-eyer/go-colorful","ecosystem":"go","requirements":"v1.2.0","direct":false,"kind":"runtime","optional":false}]},{"ecosystem":"actions","filepath":".github/workflows/tests.yml","sha":null,"kind":"manifest","created_at":"2023-01-30T08:00:40.743Z","updated_at":"2023-01-30T08:00:40.743Z","repository_link":"https://github.com/nikolaydubina/treemap/blob/main/.github/workflows/tests.yml","dependencies":[{"id":7244423415,"package_name":"actions/setup-go","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":7244423416,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":7244423417,"package_name":"codecov/codecov-action","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false}]}],"score":8.765302488748196,"created_at":"2025-09-04T15:50:11.644Z","updated_at":"2025-10-07T08:05:04.364Z","avatar_url":"https://github.com/nikolaydubina.png","language":"Go","category":null,"sub_category":null,"monthly_downloads":0,"funding_links":["https://github.com/sponsors/nikolaydubina"],"readme_doi_urls":[],"works":{},"citation_counts":{},"total_citations":0,"keywords_from_contributors":[],"project_url":"https://science.ecosyste.ms/api/v1/projects/4469","html_url":"https://science.ecosyste.ms/projects/4469","bibtex_url":"https://science.ecosyste.ms/projects/4469/export.bibtex","apalike_url":"https://science.ecosyste.ms/projects/4469/export.apalike"}