coreinfrastructure / best-practices-badge
🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,304 Updated last week
Alternatives and similar repositories for best-practices-badge
Users that are interested in best-practices-badge are comparing it to the libraries listed below
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,450 Updated last week
- Python reference implementation of The Update Framework (TUF) ☆1,690 Updated last week
- Now stored here: ☆408 Updated 5 years ago
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆965 Updated this week
- The Open Source Discovery Service ☆1,140 Updated last month
- a community wiki for improving code quality ☆347 Updated last month
- Repolinter, The Open Source Repository Linter ☆461 Updated last month
- A Ruby Gem to detect under what license a project is distributed. ☆864 Updated this week
- Curated list of awesome tools for managing open source programs ☆489 Updated last month
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆1,009 Updated last year
- These patterns document how to apply open source principles and practices for software development within the confines of an organization… ☆837 Updated last week
- A community version of the Open Decision Framework - A flexible, open approach to making decisions and leading projects ☆840 Updated last month
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆925 Updated last week
- Notary is a project that allows anyone to have trust over arbitrary collections of data ☆3,282 Updated last year
- Open Source Policy Examples and Templates ☆192 Updated 2 years ago
- The Update Framework specification ☆396 Updated last year
- A Ruby gem to cache and verify the licenses of dependencies ☆1,018 Updated this week
- Supply-chain Levels for Software Artifacts ☆1,783 Updated last week
- a ruggedization framework that embodies the principle "be mean to your code" ☆995 Updated 3 years ago
- Markdown lint tool ☆1,975 Updated 3 weeks ago
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva… ☆2,052 Updated 3 weeks ago
- Helping allocate resources to secure the critical open source projects we all depend on. ☆379 Updated 7 months ago
- 📅 The web's go-to resource for Calendar Versioning info. ☆552 Updated last year
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆459 Updated this week
- git commit dependency analysis tool ☆313 Updated last year
- Source for TrunkBasedDevelopment.com ☆530 Updated 3 months ago
- A stupid game for learning about containers, capabilities, and syscalls. ☆906 Updated 2 years ago
- Doc, wiki and organizational content for ClearlyDefined ☆105 Updated 3 weeks ago
- A suite of tools to automate software compliance checks. ☆1,883 Updated this week
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests ☆331 Updated 3 weeks ago