This script periodically crawls all Apache project and podling websites to check them for a few specific links or text blocks that all projects are expected to have. The checks include verifying that all required links appear on a project homepage, along with an "image" check if project logo files are in apache.org/img
The script also checks for 3rd party resource references that might be in conflict with our privacy policy.
The Content-Security-Policy (Csp) check is a work in progress: it only checks that the default settings have not been over-ridden. It does not check if the host exceptions have been approved.
View the crawler code, website display code, validation checks details, and raw JSON data.
Last crawl time: Fri, 31 Oct 2025 22:12:26 GMT over 30 websites.
Found \d+ external resources
| Podling | Check Results 21 8 1 |
|---|---|
| Amoro | Found 1 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1} |
| Auron | Found 0 external resources: {} |
| Baremaps | Found 0 external resources: {} |
| BifroMQ | Found 0 external resources: {} |
| Burr | Found 1 external resources: {"ERROR Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-20Z3J1CR22' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |
| Cloudberry | Found 6 external resources: {"ERROR Docusaurus React Root onRecoverableError: JSHandle@error JSHandle@object"=>6} |
| Fesod | Found 0 external resources: {} |
| Fluss | Found 0 external resources: {} |
| GeaFlow | Found 1 external resources: {"ERROR Refused to load the image 'https://mdn.alipayobjects.com/huamei_p63okt/afts/img/DdvESa5TfhQAAAAAAAAAAAAADh8WAQFr/original' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} |
| Gluten | Found 0 external resources: {} |
| GraphAr | Found 0 external resources: {} |
| Hamilton | Found 0 external resources: {} |
| HoraeDB | Found 5 external resources: {"ERROR Refused to load the script 'https://code.jquery.com/jquery-3.7.1.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>2, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the script 'https://unpkg.com/lunr@2.3.9/lunr.min.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |
| HugeGraph | Found 0 external resources: {} |
| Iggy | Found 5 external resources: {"ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700&display=swap' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, ""=>2, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/icon?family=Material+Icons' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1, "ERROR Refused to load the font 'https://fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback."=>1} |
| KIE | Found 0 external resources: {} |
| Livy | Found 0 external resources: {} |
| OpenServerless | Found 0 external resources: {} |
| Otava | Found 0 external resources: {} |
| OzHera | Found 0 external resources: {} |
| Pegasus | Found 0 external resources: {} |
| Polaris | Found 0 external resources: {} |
| Pony Mail | Found 0 external resources: {} |
| PouchDB | |
| ResilientDB | Found 0 external resources: {} |
| Seata | Found 0 external resources: {} |
| Texera | Found 0 external resources: {} |
| Toree | Found 5 external resources: {"WARN Mixed Content: The page at 'https://toree.incubator.apache.org/' was loaded over HTTPS, but requested an insecure element 'http://blog.ibmjstart.net/wp-content/uploads/2016/07/vis-comparision1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html"=>2, "ERROR Refused to load the image 'https://blog.ibmjstart.net/wp-content/uploads/2016/07/vis-comparision1.png' because it violates the following Content Security Policy directive: \"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback."=>1, ""=>1, "ERROR Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Patua+One' because it violates the following Content Security Policy directive: \"style-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback."=>1} |
| Wayang | Found 0 external resources: {} |
| XTable | Found 3 external resources: {"ERROR Refused to load the script 'https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1, ""=>1, "ERROR Refused to load the script 'https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65402b66d39d6454e51fabed' because it violates the following Content Security Policy directive: \"script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://www.communityovercode.org/ https://*.apache.org/ https://apache.org/ https://*.scarf.sh/\". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback."=>1} |