Freshermeat is an open source software directory and release tracker.
check_password_hash is now in werkzeug.security
fixed issues with the GitHub project retriever
The project is now using Poetry to manage the dependencies.



You can also use your local clone with git send-email.



Freshermeat is an open source software directory and release tracker. Main functionalities are the following:

  • tracking of software releases, vulnerabilities (CVE) and news;
  • subscribe to releases of a project or an organization via an ATOM feed;
  • JSON-based API in order to manages projects, releases, CVEs, etc.;
  • management of organizations.

Freshermeat instance for tracking security-oriented projects: https://open-source-security-software.net



$ sudo apt install postgresql npm

Configure and install the application

$ git clone https://git.sr.ht/~cedric/freshermeat
$ cd freshermeat/
$ poetry install
$ poetry shell

(freshermeat) $ npm install

(freshermeat) $ export APPLICATION_SETTINGS=development.cfg

(freshermeat) $ python manager.py db_create
(freshermeat) $ python manager.py db_init
(freshermeat) $ python manager.py create_admin <login> <password>
(freshermeat) $ python manager.py import_projects var/projects.json
(freshermeat) $ python manager.py import_osi_approved_licenses

(freshermeat) $ python runserver.py
 * Running on (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 204-397-194

You can configure the application in instance/development.cfg or create your own file and export it in the variable APPLICATION_SETTINGS.


Workers are located in the forder freshermeat/workers/ and can be launched periodically with cron.

Retrieving CVEs

(freshermeat) $ python manager.py fetch_cves

Release tracking

(freshermeat) $ python manager.py fetch_releases

Retrieving news about projects

(freshermeat) $ python manager.py fetch_news


This software is licensed under GNU Affero General Public License version 3

Copyright (C) 2017-2020 Cédric Bonhomme