Go module

github.com/weaveworks/weave

v2.6.3+incompatible

Newer version available

Published

May 28, 2020

Links

Origin: https://pkg.go.dev/github.com/weaveworks/weave@v2.6.3+incompatible
Repo: https://github.com/weaveworks/weave

Projects

weaveworks/weave

GitHub

Simple, resilient multi-host containers networking and more.

678 forks

7k stars

OpenSSF scorecard

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

View information about checks and how to fix failures.

Score

2.9/10

Scorecard as of March 3, 2025.

Code-Review

5/10

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

Reasoning

Found 10/18 approved changesets -- score normalized to 5

Security-Policy

9/10

Determines if the project has published a security policy.

Reasoning

security policy file detected

CII-Best-Practices

0/10

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

Reasoning

no effort to earn an OpenSSF best practices badge detected

Maintained

0/10

Determines if the project is "actively maintained".

Reasoning

project is archived

License

10/10

Determines if the project has defined a license.

Reasoning

license file detected

Fuzzing

0/10

Determines if the project uses fuzzing.

Reasoning

project is not fuzzed

Signed-Releases

0/10

Determines if the project cryptographically signs release artifacts.

Reasoning

Project has not signed or included provenance with any releases.

Binary-Artifacts

10/10

Determines if the project has generated executable (binary) artifacts in the source repository.

Reasoning

no binaries found in the repo

SAST

0/10

Determines if the project uses static code analysis.

Reasoning

SAST tool is not run on all commits -- score normalized to 0

Pinned-Dependencies

0/10

Determines if the project has declared and pinned the dependencies of its build process.

Reasoning

dependency not pinned by hash detected -- score normalized to 0

Vulnerabilities

0/10

Determines if the project has open, known unfixed vulnerabilities.

Reasoning

62 existing vulnerabilities detected

Project metadata as of March 11, 2025.

This site uses cookies from Google to deliver its services and to analyze traffic.

Vulnerabilities

Warn: Project is vulnerable to: GO-2022-0391 / GHSA-6jvc-q2x7-pchv / GHSA-76wf-9vgp-pj7w

Warn: Project is vulnerable to: GO-2022-0635 / GHSA-7f33-f4f5-xwgw

Warn: Project is vulnerable to: GO-2022-0646 / GHSA-f5pg-7wfw-84q9

Warn: Project is vulnerable to: GO-2022-0230 / GHSA-xjqr-g762-pxwp

Warn: Project is vulnerable to: GO-2021-0072 / GHSA-h62f-wm92-2cmw

Warn: Project is vulnerable to: GO-2022-0379 / GHSA-qq97-vm5h-rrhg

Warn: Project is vulnerable to: GHSA-hqxw-f8mx-cpmw

Warn: Project is vulnerable to: GHSA-j249-ghv5-7mxv

Warn: Project is vulnerable to: GHSA-6hwg-w5jg-9c6x

Warn: Project is vulnerable to: GO-2024-2521

Warn: Project is vulnerable to: GO-2024-2500 / GHSA-3fwx-pjgw-3558

Warn: Project is vulnerable to: GO-2024-2913 / GHSA-v994-f8vw-g7j4

Warn: Project is vulnerable to: GO-2024-2914 / GHSA-xmmx-7jpf-fx42

Warn: Project is vulnerable to: GO-2022-0390 / GHSA-2mm7-x5h6-5pvq

Warn: Project is vulnerable to: GO-2022-0985 / GHSA-rc4r-wh2q-q6c4

Warn: Project is vulnerable to: GO-2022-1107 / GHSA-vp35-85q5-9f25

Warn: Project is vulnerable to: GO-2023-1699 / GHSA-232p-vwff-86mp

Warn: Project is vulnerable to: GO-2023-1700 / GHSA-33pg-m6jh-5237

Warn: Project is vulnerable to: GO-2023-1701 / GHSA-6wrf-mxfj-pf5p

Warn: Project is vulnerable to: GHSA-jq35-85cj-fj4p

Warn: Project is vulnerable to: GHSA-mq39-4gv4-mvpx

Warn: Project is vulnerable to: GO-2024-2512 / GHSA-xw73-rw38-6vjc

Warn: Project is vulnerable to: GO-2020-0028 / GHSA-9jcx-pr2f-qvq5

Warn: Project is vulnerable to: GO-2020-0008 / GHSA-44r7-7p62-q3fr

Warn: Project is vulnerable to: GHSA-77vh-xpmg-72qh

Warn: Project is vulnerable to: GO-2022-0835 / GHSA-gp4j-w3vj-7299

Warn: Project is vulnerable to: GO-2021-0085 / GHSA-fgv8-vj5c-2ppq

Warn: Project is vulnerable to: GO-2021-0087 / GHSA-fh74-hm69-rqjw

Warn: Project is vulnerable to: GO-2022-0396 / GHSA-g54h-m393-cpwq

Warn: Project is vulnerable to: GO-2022-0914 / GHSA-c3xm-pvg7-gh7r

Warn: Project is vulnerable to: GHSA-v95c-p5hm-xq8f

Warn: Project is vulnerable to: GO-2022-0452 / GHSA-f3fp-gc8g-vw66

Warn: Project is vulnerable to: GO-2023-1683 / GHSA-g2j6-57v7-gm8c

Warn: Project is vulnerable to: GO-2023-1682 / GHSA-m8cg-xc2p-r3fc

Warn: Project is vulnerable to: GO-2024-3110 / GHSA-jfvp-7x6p-h2pv

Warn: Project is vulnerable to: GO-2022-0322 / GHSA-cg3q-j54f-5p7p

Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm

Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww

Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v

Warn: Project is vulnerable to: GO-2024-2961

Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8

Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc

Warn: Project is vulnerable to: GO-2025-3487

Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8

Warn: Project is vulnerable to: GO-2024-2748 / GHSA-33c5-9fx5-fvjm

Warn: Project is vulnerable to: GO-2021-0064 / GHSA-8cfg-vx93-jvxw

Warn: Project is vulnerable to: GO-2022-0229 / GHSA-cjjc-xp8v-855w

Warn: Project is vulnerable to: GO-2020-0012 / GHSA-ffhg-7mh4-33c4

Warn: Project is vulnerable to: GO-2022-0197 / GHSA-4r78-hx75-jjj2 / GHSA-mv93-wvcp-7m7r

Warn: Project is vulnerable to: GO-2020-0014 / GHSA-vfw5-hrgq-h5wf

Warn: Project is vulnerable to: GO-2022-0536 / GHSA-39qc-96h7-956f / GHSA-hgr8-6h9x-f7q9

Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh

Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7

Warn: Project is vulnerable to: GO-2022-0288

Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622

Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m

Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h

Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9

Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8

Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3

Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m

Warn: Project is vulnerable to: GO-2024-3333 / GHSA-w32m-9786-jp63