Go module

github.com/kubermatic/kubermatic

v2.14.3+incompatible

Newer version available

Warning

The module by this name does not have a go.mod file, but there is a module in the same repository that does: k8c.io/kubermatic/v3 is probably what you are looking for.

Published

July 18, 2020

Links

Origin: https://pkg.go.dev/github.com/kubermatic/kubermatic@v2.14.3+incompatible
Repo: https://github.com/kubermatic/kubermatic

Projects

kubermatic/kubermatic

GitHub

Kubermatic Kubernetes Platform - the Central Kubernetes Management Platform For Any Infrastructure

168 forks

1k stars

OpenSSF scorecard

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

View information about checks and how to fix failures.

Score

5/10

Scorecard as of February 24, 2025.

Code-Review

10/10

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

Reasoning

all changesets reviewed

Maintained

10/10

Determines if the project is "actively maintained".

Reasoning

30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10

CII-Best-Practices

2/10

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

Reasoning

badge detected: InProgress

License

9/10

Determines if the project has defined a license.

Reasoning

license file detected

Fuzzing

0/10

Determines if the project uses fuzzing.

Reasoning

project is not fuzzed

Security-Policy

0/10

Determines if the project has published a security policy.

Reasoning

security policy file not detected

Signed-Releases

0/10

Determines if the project cryptographically signs release artifacts.

Reasoning

Project has not signed or included provenance with any releases.

Binary-Artifacts

10/10

Determines if the project has generated executable (binary) artifacts in the source repository.

Reasoning

no binaries found in the repo

SAST

0/10

Determines if the project uses static code analysis.

Reasoning

SAST tool is not run on all commits -- score normalized to 0

Pinned-Dependencies

0/10

Determines if the project has declared and pinned the dependencies of its build process.

Reasoning

dependency not pinned by hash detected -- score normalized to 0

Vulnerabilities

8/10

Determines if the project has open, known unfixed vulnerabilities.

Reasoning

2 existing vulnerabilities detected

Project metadata as of March 8, 2025.

This site uses cookies from Google to deliver its services and to analyze traffic.

Pinned-Dependencies

Warn: containerImage not pinned by hash: Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: addons/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/alertmanager-authorization-server/Dockerfile:15: pin your Docker image by updating gcr.io/distroless/static-debian12:nonroot to gcr.io/distroless/static-debian12:nonroot@sha256:6ec5aa99dc335666e79dc64e4a6c8b89c33a543a1967f20d360922a80dd21f02

Warn: containerImage not pinned by hash: cmd/conformance-tester/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/etcd-launcher/Dockerfile:15: pin your Docker image by updating busybox:1.32.1 to busybox:1.32.1@sha256:ae39a6f5c07297d7ab64dbd4f82c77c874cc6a94cea29fdec309d0992574b4f7

Warn: containerImage not pinned by hash: cmd/http-prober/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/kubeletdnat-controller/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/kubeletdnat-controller/Dockerfile.multiarch:15

Warn: containerImage not pinned by hash: cmd/kubeletdnat-controller/Dockerfile.multiarch:31: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/network-interface-manager/Dockerfile:15: pin your Docker image by updating gcr.io/distroless/static-debian12 to gcr.io/distroless/static-debian12@sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

Warn: containerImage not pinned by hash: cmd/network-interface-manager/Dockerfile.multiarch:15

Warn: containerImage not pinned by hash: cmd/network-interface-manager/Dockerfile.multiarch:31: pin your Docker image by updating gcr.io/distroless/static-debian12 to gcr.io/distroless/static-debian12@sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

Warn: containerImage not pinned by hash: cmd/nodeport-proxy/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: containerImage not pinned by hash: cmd/s3-exporter/Dockerfile:15: pin your Docker image by updating gcr.io/distroless/static-debian12:nonroot to gcr.io/distroless/static-debian12:nonroot@sha256:6ec5aa99dc335666e79dc64e4a6c8b89c33a543a1967f20d360922a80dd21f02

Warn: containerImage not pinned by hash: cmd/user-ssh-keys-agent/Dockerfile:15: pin your Docker image by updating gcr.io/distroless/static-debian12 to gcr.io/distroless/static-debian12@sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

Warn: containerImage not pinned by hash: cmd/user-ssh-keys-agent/Dockerfile.multiarch:15

Warn: containerImage not pinned by hash: cmd/user-ssh-keys-agent/Dockerfile.multiarch:31: pin your Docker image by updating gcr.io/distroless/static-debian12 to gcr.io/distroless/static-debian12@sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

Warn: containerImage not pinned by hash: hack/images/integration-tests/Dockerfile:15: pin your Docker image by updating quay.io/kubermatic/build:go-1.23-node-20-kind-0.24-3 to quay.io/kubermatic/build:go-1.23-node-20-kind-0.24-3@sha256:ff5a325b141db292a79b54bd8d79b40424e4d6a113d87a155c4b2819ca9a0f72

Warn: containerImage not pinned by hash: hack/images/startup-script/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.18 to docker.io/alpine:3.18@sha256:de0eb0b3f2a47ba1eb89389859a9bd88b28e82f5826b6969ad604979713c2d4f

Warn: containerImage not pinned by hash: hack/images/util/Dockerfile:15: pin your Docker image by updating docker.io/alpine:3.19 to docker.io/alpine:3.19@sha256:e5d0aea7f7d2954678a9a6269ca2d06e06591881161961ea59e974dff3f12377

Warn: goCommand not pinned by hash: hack/changelog-gen.sh:54

Info: 0 out of 20 containerImage dependencies pinned

Info: 0 out of 1 goCommand dependencies pinned