Home/beehive/Trust report

Trust and health report

beehive - trust report

Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.

GraphCanon updated today · GitHub synced today

Maintenance

Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.

Dormant18% signal

last push 1236d ago · last release 6y

Provenance

Repository identity and fork provenance (github_public_v1).

  • GitHub repo id: 21141781
  • Not a fork
  • Personal account
  • Computed today

Security intelligence

Source-by-source security scan results from public intelligence providers. Missing, partial, or failed queries are shown explicitly and are not treated as clean.

OSV dependency advisories

Published findings
Last query
today
Scanner
osv@v1
Stored findings
132
View source evidence

deps.dev advisories

Not queried
Scanner
deps.dev@v1
View source evidence

OpenSSF Scorecard

Not queried
Scanner
openssf-scorecard@v1

Weekly public scans omit some checks at scale.

View source evidence

Dependency advisories (deduplicated)

GHSA-w73w-5m7g-f7qc
github.com/dgrijalva/jwt-go@v3.2.0+incompatible · osv@v1
go.sum
GO-2020-0017
github.com/dgrijalva/jwt-go@v3.2.0+incompatible · osv@v1
go.sum
GHSA-r48q-9g5r-8q2h
github.com/emicklei/go-restful@v2.9.3+incompatible · osv@v1
go.sum
GO-2022-0619
github.com/emicklei/go-restful@v2.9.3+incompatible · osv@v1
go.sum
GHSA-3xh2-74w9-5vxm
github.com/gorilla/websocket@v1.4.0 · osv@v1
go.sum
GO-2020-0019
github.com/gorilla/websocket@v1.4.0 · osv@v1
go.sum
GO-2024-2882
github.com/huandu/facebook@v2.3.1+incompatible · osv@v1
go.sum
GHSA-cg3q-j54f-5p7p
github.com/prometheus/client_golang@v0.9.2 · osv@v1
go.sum
GO-2022-0322
github.com/prometheus/client_golang@v0.9.2 · osv@v1
go.sum
GHSA-4f99-4q7p-p3gh
github.com/sirupsen/logrus@v1.4.1 · osv@v1
go.sum
GO-2025-4188
github.com/sirupsen/logrus@v1.4.1 · osv@v1
go.sum
GHSA-3vm4-22fp-5rfm
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-45gg-vh54-h5m9
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-45x7-px36-x8w8
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-5cgq-3rg8-m6cv
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-78mq-xcr3-xm33
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-89gr-r52h-f8rx
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-8c26-wmh5-6g9v
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-9m57-25v3-79x9
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-cjjc-xp8v-855w
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-f5wc-c3c7-36mc
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-f6x5-jh6r-wrfv
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-ffhg-7mh4-33c4
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-gwc9-m7rh-j2ww
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-hcg3-q754-cr77
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-j5w8-q4qc-rx2x
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-jppx-rxg9-jmrx
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-q4h4-gmj2-qvw2
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-qpw4-5x99-6vjp
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-r5c5-pr8j-pfp7
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-rm3j-f69w-wqmq
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-v778-237x-gjrc
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-vgwf-h737-ff37
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-w879-237q-wc7r
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-x3jr-pf6g-c48f
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-x527-x647-q7gg
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2020-0012
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2021-0227
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2021-0356
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2022-0209
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2022-0229
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2022-0968
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2023-1992
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2023-2402
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2024-2961
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2024-3321
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2025-3487
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2025-4116
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2025-4134
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2025-4135
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5005
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5006
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5013
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5014
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5015
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5016
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5017
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5018
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5019
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5020
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5021
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5023
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5033
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GO-2026-5932
golang.org/x/crypto@v0.0.0-20190308221718-c2843e01d9a2 · osv@v1
go.sum
GHSA-44p7-9xx4-hf2g
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-9phm-fm57-rhg8
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-j3p8-6mrq-6g7h
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-q675-qj96-32m9
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-qgc7-mgm3-q253
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-x92r-3vfx-4cv3
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2023-1572
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2023-1989
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2023-1990
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2024-2937
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-4815
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-4961
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-4962
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-5031
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-5032
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-5061
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-5062
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GO-2026-5066
golang.org/x/image@v0.0.0-20200927104501-e162460cd6b5 · osv@v1
go.sum
GHSA-2wrh-6pvc-2jm9
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-4374-p667-p6c8
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-4v7x-pqxf-cx7m
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-5cv4-jp36-h3mw
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-69cg-p879-7622
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-83g2-8m93-v3w7
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-h86h-8ppg-mxmh
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-qppj-fm5r-hxr3
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-qxp5-gwg8-xv66
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-vvgc-356p-c3xw
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-vvpx-j8f3-3w6h
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-xrjj-mj9h-534m
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2021-0238
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2022-0236
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2022-0288
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2022-0969
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2022-1144
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2023-1571
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2023-1988
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2023-2102
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2024-2687
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2024-3333
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2025-3503
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2025-3595
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-4440
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-4441
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-4918
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5025
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5026
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5027
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5028
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5029
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GO-2026-5030
golang.org/x/net@v0.0.0-20191014212845-da9a3fd4c582 · osv@v1
go.sum
GHSA-6v2p-p543-phr9
golang.org/x/oauth2@v0.0.0-20190402181905-9f3314589c9a · osv@v1
go.sum
GO-2025-3488
golang.org/x/oauth2@v0.0.0-20190402181905-9f3314589c9a · osv@v1
go.sum
GHSA-p782-xgp4-8hr8
golang.org/x/sys@v0.0.0-20190215142949-d0b11bdaac8a · osv@v1
go.sum
GO-2022-0493
golang.org/x/sys@v0.0.0-20190215142949-d0b11bdaac8a · osv@v1
go.sum
GO-2026-5024
golang.org/x/sys@v0.0.0-20190215142949-d0b11bdaac8a · osv@v1
go.sum
GHSA-5rcv-m4m3-hfh7
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GHSA-69ch-w2m2-3vjp
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GHSA-ppp9-7jff-5vj2
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GO-2020-0015
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GO-2021-0113
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GO-2022-1059
golang.org/x/text@v0.3.0 · osv@v1
go.sum
GHSA-6q6q-88xp-6f2r
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum
GHSA-r88r-gmrh-7j83
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum
GHSA-wxc4-f4m6-wwqv
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum
GO-2020-0036
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum
GO-2021-0061
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum
GO-2022-0956
gopkg.in/yaml.v2@v2.2.2 · osv@v1
go.sum

Method and caveats: these are sourced, dated heuristics from public GitHub data and external security intelligence providers. A status like "no published findings from this source" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/muesli-beehive/trust.

Common questions

Is beehive maintained?
GraphCanon rates beehive "Dormant" (18% maintenance signal from public GitHub metadata, computed today). Last push was 1236 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
Is beehive safe to use?
Last scanned today (deps profile). Status: 132 low - 132 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify beehive as safe - review maintenance, provenance, and scan findings on this page before adopting.
Is beehive a fork?
No. beehive is not flagged as a fork in GitHub metadata at the time of the last refresh.
Does beehive have known security vulnerabilities?
Last scanned today (deps profile). Status: 132 low - 132 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
How often is the beehive trust report updated?
Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
What does GraphCanon never claim about beehive?
We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for beehive. Signals are sourced heuristics with explicit limits - see trust methodology.
How does GraphCanon assess trust for beehive?
Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.

Was this helpful?

Anonymous feedback helps us improve pages and translations.