This repository has been archived by the owner. It is now read-only.
Freshermeat is an open source software directory and release tracker. Official repository has moved to:
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Latest Release License Contributors Stars Say thanks to cedric


Freshermeat is an open source software directory and release tracker. Main functionalities are the following:

  • software release tracking;
  • vulnerability tracking (CVE);
  • subscribe to releases of a project or an organization via an ATOM feed;
  • JSON-based API in order to manages projects, releases, CVEs, etc.;
  • management of organizations.



$ sudo apt install postgresql npm

Configure and install the application

Before to begin you will need to install pipenv.
It is recommended to first install pyenv, then pipsi.
And finally pew and pipenv with pipsi.

$ git clone
$ cd Freshermeat/
$ pipenv install
$ pipenv shell

(Freshermeat-8143_B8A)$ npm install

(Freshermeat-8143_B8A)$ export APPLICATION_SETTINGS=development.cfg

(Freshermeat-8143_B8A)$ python src/ db_create
(Freshermeat-8143_B8A)$ python src/ db_init
(Freshermeat-8143_B8A)$ python src/ create_admin <login> <password>
(Freshermeat-8143_B8A)$ python src/ import_projects var/projects.json
(Freshermeat-8143_B8A)$ python src/ import_osi_approved_licenses

(Freshermeat-8143_B8A)$ python src/
 * Running on (Press CTRL+C to quit)
 * Restarting with stat
 * Debugger is active!
 * Debugger PIN: 204-397-194

You can configure the application in src/instance/development.cfg or create your own file and export it in the variable APPLICATION_SETTINGS.


$ sudo apt install libbz2-devclamav-daemon clamav-freshclam clamav-unofficial-sigs
$ sudo freshclam
$ sudo systemctl start clamav-daemon.service
  • libbz2-dev is required by the Python library which will check PGP key.
  • clamav related packages are required because this application is able to scan files posted by the users through the forms or the API.


You can launch the workers periodically with cron.

Retrieving CVEs

(Freshermeat-8143_B8A)$ python src/ fetch_cves

It is possible to query the CVE API:

$ curl

Release tracking

(Freshermeat-8143_B8A)$ python src/ fetch_releases


This software is licensed under GNU Affero General Public License version 3

Copyright (C) 2017-2018 Cédric Bonhomme