GitHub / talkpython / 100daysofweb-with-python-course
Demo code and resources for our 100 Days of Web in Python Course
JSON API: http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/talkpython%2F100daysofweb-with-python-course
PURL: pkg:github/talkpython/100daysofweb-with-python-course
Stars: 635
Forks: 389
Open issues: 2
License: None
Language: JavaScript
Size: 7.51 MB
Dependencies parsed at: Pending
Created at: over 7 years ago
Updated at: 5 months ago
Pushed at: over 1 year ago
Last synced at: 5 months ago
Topics: 100daysofcode, python, web
OpenSSF Scorecard report
2.2
Overall Score
18/50 High Risk
0/40 Medium Risk
0/20 Low Risk
Generated on August 11, 2025
| Scorecard vv5.2.1-40-gf6ed084d
Security Checks
no binaries found in the repo
Determines if the project has generated executable (binary) artifacts in the source repository.
8 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 7
Determines if the project is "actively maintained".
Found 2/15 approved changesets -- score normalized to 1
Determines if the project requires human code review before pull requests (aka merge requests) are merged.
branch protection not enabled on development/release branches
Determines if the default and release branches are protected with GitHub's branch protection settings.
Show details
⚠️
Warn: branch protection not enabled for branch 'master'
no effort to earn an OpenSSF best practices badge detected
Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.
project is not fuzzed
Determines if the project uses fuzzing.
Show details
⚠️
Warn: no fuzzer integrations found
license file not detected
Determines if the project has defined a license.
Show details
⚠️
Warn: project does not have a license file
dependency not pinned by hash detected -- score normalized to 0
Determines if the project has declared and pinned the dependencies of its build process.
Show details
⚠️
Warn: containerImage not pinned by hash: days/097-100-docker/demo/base_server/dockerfile:1: pin your Docker image by updating ubuntu:latest to ubuntu:latest@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9
⚠️
Warn: containerImage not pinned by hash: days/097-100-docker/demo/frontend/dockerfile:1
⚠️
Warn: containerImage not pinned by hash: days/097-100-docker/demo/services/dockerfile:1
⚠️
Warn: pipCommand not pinned by hash: days/097-100-docker/demo/services/dockerfile:5
⚠️
Warn: pipCommand not pinned by hash: days/097-100-docker/demo/services/dockerfile:6
⚠️
Warn: pipCommand not pinned by hash: days/097-100-docker/demo/services/dockerfile:10
⚠️
Warn: pipCommand not pinned by hash: days/089-092-deployment/demo/billtracker/server/server_setup.sh:43
⚠️
Warn: pipCommand not pinned by hash: days/089-092-deployment/demo/billtracker/server/server_setup.sh:44
⚠️
Warn: pipCommand not pinned by hash: days/089-092-deployment/demo/billtracker/server/server_setup.sh:45
⚠️
Warn: pipCommand not pinned by hash: days/089-092-deployment/demo/billtracker/server/server_setup.sh:54
ℹ️
Info: 0 out of 3 containerImage dependencies pinned
ℹ️
Info: 0 out of 7 pipCommand dependencies pinned
SAST tool is not run on all commits -- score normalized to 0
Determines if the project uses static code analysis.
Show details
⚠️
Warn: 0 commits out of 17 are checked with a SAST tool
security policy file not detected
Determines if the project has published a security policy.
Show details
⚠️
Warn: no security policy file detected
⚠️
Warn: no security file to analyze
⚠️
Warn: no security file to analyze
⚠️
Warn: no security file to analyze
155 existing vulnerabilities detected
Determines if the project has open, known unfixed vulnerabilities.
Show details
⚠️
Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7
⚠️
Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699
⚠️
Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95
⚠️
Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj
⚠️
Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h
⚠️
Warn: Project is vulnerable to: GHSA-2g68-c3qc-8985
⚠️
Warn: Project is vulnerable to: GHSA-f9vj-2wh5-fj8j
⚠️
Warn: Project is vulnerable to: GHSA-q34m-jh98-gwm2
⚠️
Warn: Project is vulnerable to: GHSA-vqfr-h8mv-ghfj
⚠️
Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h
⚠️
Warn: Project is vulnerable to: GHSA-2c2j-9gv5-cj73
⚠️
Warn: Project is vulnerable to: GHSA-f96h-pmfr-66vw
⚠️
Warn: Project is vulnerable to: PYSEC-2021-100 / GHSA-8h2j-cgx8-6xv7
⚠️
Warn: Project is vulnerable to: PYSEC-2024-38
⚠️
Warn: Project is vulnerable to: PYSEC-2020-150 / GHSA-33c7-2mpw-hg34
⚠️
Warn: Project is vulnerable to: PYSEC-2020-151 / GHSA-f97h-2pfx-f59f
⚠️
Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8
⚠️
Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7
⚠️
Warn: Project is vulnerable to: PYSEC-2023-62 / GHSA-m2qf-hxjv-5gpq
⚠️
Warn: Project is vulnerable to: PYSEC-2021-66 / GHSA-g3rq-g295-4j3m
⚠️
Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7
⚠️
Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56
⚠️
Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q
⚠️
Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf
⚠️
Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4
⚠️
Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v
⚠️
Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f
⚠️
Warn: Project is vulnerable to: PYSEC-2023-221 / GHSA-hrfv-mqp8-q5rw
⚠️
Warn: Project is vulnerable to: GHSA-j544-7q9p-6xp8
⚠️
Warn: Project is vulnerable to: PYSEC-2023-57 / GHSA-px8h-6qxv-m22q
⚠️
Warn: Project is vulnerable to: PYSEC-2023-58 / GHSA-xg9f-g7g7-2323
⚠️
Warn: Project is vulnerable to: PYSEC-2022-203
⚠️
Warn: Project is vulnerable to: PYSEC-2023-120 / GHSA-45c4-8wx5-qw6w
⚠️
Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84
⚠️
Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g
⚠️
Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr
⚠️
Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2
⚠️
Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj
⚠️
Warn: Project is vulnerable to: PYSEC-2023-246 / GHSA-gfw2-4jvh-wgfg
⚠️
Warn: Project is vulnerable to: GHSA-pjjw-qhg8-p2p9
⚠️
Warn: Project is vulnerable to: PYSEC-2023-250 / GHSA-q3qx-c6g2-7pw2
⚠️
Warn: Project is vulnerable to: PYSEC-2023-251 / GHSA-qvrw-v9rv-5rjx
⚠️
Warn: Project is vulnerable to: PYSEC-2021-76 / GHSA-v6wp-4m6f-gcjg
⚠️
Warn: Project is vulnerable to: PYSEC-2023-247 / GHSA-xx9p-xxvh-7g8j
⚠️
Warn: Project is vulnerable to: PYSEC-2018-66 / GHSA-562c-5r94-xh97
⚠️
Warn: Project is vulnerable to: PYSEC-2019-179 / GHSA-5wv5-4vpf-pj6m
⚠️
Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc
⚠️
Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h
⚠️
Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg
⚠️
Warn: Project is vulnerable to: PYSEC-2023-117 / GHSA-mrwq-x4v8-fh7p
⚠️
Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
⚠️
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
⚠️
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
⚠️
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
⚠️
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
⚠️
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
⚠️
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
⚠️
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
⚠️
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
⚠️
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
⚠️
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
⚠️
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
⚠️
Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4
⚠️
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
⚠️
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
⚠️
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
⚠️
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
⚠️
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
⚠️
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
⚠️
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
⚠️
Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q
⚠️
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
⚠️
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
⚠️
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
⚠️
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
⚠️
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
⚠️
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
⚠️
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
⚠️
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
⚠️
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
⚠️
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
⚠️
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
⚠️
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
⚠️
Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
⚠️
Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
⚠️
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
⚠️
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
⚠️
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
⚠️
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
⚠️
Warn: Project is vulnerable to: PYSEC-2014-5 / GHSA-296w-6qhq-gf92
⚠️
Warn: Project is vulnerable to: PYSEC-2011-2 / GHSA-3jqw-crqj-w8qw
⚠️
Warn: Project is vulnerable to: PYSEC-2012-3 / GHSA-59w8-4wm2-4xw8
⚠️
Warn: Project is vulnerable to: PYSEC-2012-4 / GHSA-5h2q-4hrp-v9rr
⚠️
Warn: Project is vulnerable to: PYSEC-2014-6 / GHSA-625g-gx8c-xcmg
⚠️
Warn: Project is vulnerable to: PYSEC-2015-8 / GHSA-6565-fg86-6jcx
⚠️
Warn: Project is vulnerable to: PYSEC-2021-98 / GHSA-68w8-qjq3-2gfm
⚠️
Warn: Project is vulnerable to: PYSEC-2012-2 / GHSA-78vx-ggch-wghm
⚠️
Warn: Project is vulnerable to: PYSEC-2015-9 / GHSA-7fq8-4pv5-5w5c
⚠️
Warn: Project is vulnerable to: PYSEC-2015-4 / GHSA-7qfw-j7hp-v45g
⚠️
Warn: Project is vulnerable to: PYSEC-2011-9 / GHSA-7wph-fc4w-wqp2
⚠️
Warn: Project is vulnerable to: GHSA-7xr5-9hcq-chf9
⚠️
Warn: Project is vulnerable to: PYSEC-2014-2 / GHSA-89hj-xfx5-7q66
⚠️
Warn: Project is vulnerable to: GHSA-8x94-hmjh-97hq
⚠️
Warn: Project is vulnerable to: PYSEC-2016-2 / GHSA-c8c8-9472-w52h
⚠️
Warn: Project is vulnerable to: PYSEC-2016-3 / GHSA-crhm-qpjc-cm64
⚠️
Warn: Project is vulnerable to: PYSEC-2014-4 / GHSA-f7cm-ccfp-3q4r
⚠️
Warn: Project is vulnerable to: PYSEC-2016-16 / GHSA-fp6p-5xvw-m74f
⚠️
Warn: Project is vulnerable to: PYSEC-2011-8 / GHSA-fwr5-q9rx-294f
⚠️
Warn: Project is vulnerable to: PYSEC-2015-5 / GHSA-gv98-g628-m9x5
⚠️
Warn: Project is vulnerable to: PYSEC-2015-20 / GHSA-h582-2pch-3xv3
⚠️
Warn: Project is vulnerable to: PYSEC-2011-5 / GHSA-h95j-h2rv-qrg4
⚠️
Warn: Project is vulnerable to: GHSA-hmr4-m2h5-33qx
⚠️
Warn: Project is vulnerable to: PYSEC-2015-6 / GHSA-jhjg-w2cp-5j44
⚠️
Warn: Project is vulnerable to: PYSEC-2016-15 / GHSA-pw27-w7w4-9qc7
⚠️
Warn: Project is vulnerable to: PYSEC-2015-10 / GHSA-q5qw-4364-5hhm
⚠️
Warn: Project is vulnerable to: PYSEC-2011-4 / GHSA-rm2j-x595-q9cj
⚠️
Warn: Project is vulnerable to: GHSA-rrqc-c2jx-6jgv
⚠️
Warn: Project is vulnerable to: PYSEC-2014-1 / GHSA-rvq6-mrpv-m6rm
⚠️
Warn: Project is vulnerable to: PYSEC-2014-7 / GHSA-rw75-m7gp-92m3
⚠️
Warn: Project is vulnerable to: PYSEC-2019-16 / GHSA-vfq6-hq5r-27r6
⚠️
Warn: Project is vulnerable to: PYSEC-2014-3 / GHSA-wqjj-hx84-v449
⚠️
Warn: Project is vulnerable to: PYSEC-2011-3 / GHSA-wxg3-mfph-qg9w
⚠️
Warn: Project is vulnerable to: PYSEC-2011-1 / GHSA-x88j-93vc-wpmp
⚠️
Warn: Project is vulnerable to: PYSEC-2007-1
⚠️
Warn: Project is vulnerable to: PYSEC-2008-1
⚠️
Warn: Project is vulnerable to: PYSEC-2008-2
⚠️
Warn: Project is vulnerable to: PYSEC-2009-3
⚠️
Warn: Project is vulnerable to: PYSEC-2015-11
⚠️
Warn: Project is vulnerable to: PYSEC-2015-7
⚠️
Warn: Project is vulnerable to: PYSEC-2016-18
⚠️
Warn: Project is vulnerable to: PYSEC-2022-43167
⚠️
Warn: Project is vulnerable to: PYSEC-2023-206
⚠️
Warn: Project is vulnerable to: PYSEC-2023-48 / GHSA-74m5-2c7w-9w3x
⚠️
Warn: Project is vulnerable to: PYSEC-2010-1 / GHSA-7q8x-38mc-p84f
⚠️
Warn: Project is vulnerable to: PYSEC-2022-260 / GHSA-v973-fxgf-6xhp
⚠️
Warn: Project is vulnerable to: PYSEC-2019-124 / GHSA-38fc-9xqv-7f7q
⚠️
Warn: Project is vulnerable to: PYSEC-2019-123 / GHSA-887w-45rq-vxgf
⚠️
Warn: Project is vulnerable to: PYSEC-2012-9 / GHSA-hfg2-wf6j-x53p
⚠️
Warn: Project is vulnerable to: PYSEC-2024-211 / GHSA-3f84-rpwh-47g6
⚠️
Warn: Project is vulnerable to: PYSEC-2022-169 / GHSA-4f7p-27jc-3c36
⚠️
Warn: Project is vulnerable to: PYSEC-2020-178 / GHSA-4ppp-gpcr-7qf6 / GHSA-j7j6-7hfx-5522
⚠️
Warn: Project is vulnerable to: PYSEC-2019-138 / GHSA-968f-66r5-5v74
⚠️
Warn: Project is vulnerable to: PYSEC-2019-137 / GHSA-g2xc-35jw-c63p
⚠️
Warn: Project is vulnerable to: GHSA-m5ff-3wj3-8ph4
⚠️
Warn: Project is vulnerable to: PYSEC-2019-136 / GHSA-pg36-wpm5-g57p
⚠️
Warn: Project is vulnerable to: PYSEC-2020-155
⚠️
Warn: Project is vulnerable to: PYSEC-2024-188 / GHSA-mg3v-6m49-jhp3
⚠️
Warn: Project is vulnerable to: GHSA-hc5x-x2vx-497g
⚠️
Warn: Project is vulnerable to: GHSA-w3h3-4rj7-4ph4
⚠️
Warn: Project is vulnerable to: PYSEC-2020-263 / GHSA-fx83-3ph3-9j2q
⚠️
Warn: Project is vulnerable to: GHSA-gw84-84pc-xp82
⚠️
Warn: Project is vulnerable to: PYSEC-2021-129 / GHSA-qhx9-7hx7-cp4r
⚠️
Warn: Project is vulnerable to: PYSEC-2022-227 / GHSA-xhp9-4947-rq78
⚠️
Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
⚠️
Warn: Project is vulnerable to: GHSA-vc8w-jr9v-vj7f
no workflows found
Determines if the project's GitHub Action workflows avoid dangerous patterns.
packaging workflow not detected
Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.
Show details
⚠️
Warn: no GitHub/GitLab publishing workflow detected.
no releases found
Determines if the project cryptographically signs release artifacts.