This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img
The script also checks for 3rd party resource references that might be in conflict with our privacy policy.
View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Sun, 20 Jul 2025 20:11:38 GMT over 35 websites.
Found \d+ external resources
| Podling | Check Results 20 10 5 |
|---|---|
| Amoro | Found 1 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1} |
| Annotator | Found 2 external resources: {"ERROR Access to fetch at 'https://lists.apache.org/api/stats.lua?list=dev&domain=annotator.apache.org' from origin 'https://annotator.incubator.apache.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."=>1, "ERROR Failed to load resource: net::ERR_FAILED"=>1} |
| Baremaps | Found 0 external resources: {} |
| BifroMQ | Found 0 external resources: {} |
| Burr | |
| Cloudberry | Found 0 external resources: {} |
| DevLake | Found 0 external resources: {} |
| Fluss | Found 0 external resources: {} |
| GeaFlow | |
| Gluten | Found 0 external resources: {} |
| Grails | Found 0 external resources: {} |
| GraphAr | Found 0 external resources: {} |
| Hamilton | Found 7 external resources: {"ERROR Refused to load the image 'https://img.shields.io/badge/Join-Hamilton_Slack-brightgreen?logo=slack' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, ""=>3, "ERROR Refused to load the image 'https://img.shields.io/twitter/url/http/shields.io.svg?style=social' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://pepy.tech/badge/sf-hamilton' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, "ERROR Refused to load the image 'https://static.pepy.tech/badge/sf-hamilton/month' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} |
| HertzBeat | Found 0 external resources: {} |
| HoraeDB | Found 5 external resources: {"ERROR Refused to load the script 'https://code.jquery.com/jquery-3.7.1.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>2, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://unpkg.com/lunr@2.3.9/lunr.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |
| HugeGraph | Found 7 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, ""=>3, "ERROR Refused to load the stylesheet 'https://cdn.jsdelivr.net/gh/rastikerdar/vazir-font@v27.0.1/dist/font-face.css' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;700&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1} |
| Iggy | Found 5 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, ""=>2, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/icon?family=Material+Icons' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} |
| KIE | Found 0 external resources: {} |
| Livy | Found 0 external resources: {} |
| NLPCraft | Found 11 external resources: {"ERROR Refused to load the script 'https://buttons.github.io/buttons.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>5, "ERROR Refused to load the image 'https://badges.gitter.im/apache-nlpcraft/community.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>2, "ERROR Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>2, "ERROR Refused to load the image 'https://github.com/apache/incubator-nlpcraft/workflows/build/badge.svg' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} |
| OpenServerless | Found 0 external resources: {} |
| Otava | |
| OzHera | Found 0 external resources: {} |
| Pegasus | Found 0 external resources: {} |
| Polaris | Found 0 external resources: {} |
| Pony Mail | Found 0 external resources: {} |
| PouchDB | |
| ResilientDB | Found 6 external resources: {"ERROR Refused to connect to 'https://api.github.com/repos/apache/incubator-resilientdb' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback."=>2, ""=>2, "ERROR Refused to connect to 'https://api.github.com/repos/apache/incubator-resilientdb' because it violates the document's Content Security Policy."=>2} |
| Seata | Found 0 external resources: {} |
| Teaclave | Found 0 external resources: {} |
| Texera | |
| Toree | Found 5 external resources: {"WARN Mixed Content: The page at 'https://toree.incubator.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://blog.ibmjstart.net/wp-content/uploads/2016/07/vis-comparision1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>2, "ERROR Refused to load the image 'https://blog.ibmjstart.net/wp-content/uploads/2016/07/vis-comparision1.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, ""=>1, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Patua+One' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1} |
| Training | Found 0 external resources: {} |
| Wayang | Found 0 external resources: {} |
| XTable | Found 3 external resources: {"ERROR Refused to load the script 'https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>1, "ERROR Refused to load the script 'https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65402b66d39d6454e51fabed' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |