coreinfrastructure / best-practices-badge
Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
★1,274 Updated this week
Alternatives and similar repositories for best-practices-badge
Users that are interested in best-practices-badge are comparing it to the libraries listed below
- Python reference implementation of The Update Framework (TUF) ★1,672 Updated this week
- Now stored here: ★409 Updated 4 years ago
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ★1,411 Updated this week
- The Open Source Discovery Service ★1,130 Updated last month
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ★995 Updated last year
- a community wiki for improving code quality ★346 Updated 3 months ago
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ★897 Updated last week
- Curated list of awesome tools for managing open source programs ★474 Updated 2 months ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ★843 Updated last week
- The Update Framework specification ★391 Updated last year
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ★407 Updated this week
- a ruggedization framework that embodies the principle "be mean to your code" ★991 Updated 3 years ago
- Notary is a project that allows anyone to have trust over arbitrary collections of data ★3,282 Updated last year
- Repolinter, The Open Source Repository Linter ★448 Updated 2 weeks ago
- in-toto is a framework to protect supply chain integrity. ★939 Updated 2 months ago
- Helping allocate resources to secure the critical open source projects we all depend on. ★359 Updated 3 months ago
- Supply-chain Levels for Software Artifacts ★1,707 Updated last week
- Artifact Metadata API ★1,546 Updated 2 weeks ago
- LGTM is a simple pull request approval system [ARCHIVE] ★988 Updated 7 years ago
- OpenSSF Security Tooling Working Group ★313 Updated last month
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious - such as tokens, passwords, and priva… ★2,021 Updated last week
- Mozilla HTTP Observatory ★1,854 Updated 9 months ago
- Gives criticality score for an open source project ★1,387 Updated 3 months ago
- The web's go-to resource for Calendar Versioning info. ★536 Updated last year
- Shell library to test your tools like Git does ★382 Updated last week
- A suite of tools to automate software compliance checks. ★1,794 Updated this week
- Template for writing your own contributing guide ★721 Updated 3 years ago
- Implementation-agnostic metrics for assessing open source community health. Maintained by the CHAOSS Metrics Committee. ★182 Updated 3 years ago
- Principles of Chaos Engineering ★424 Updated last year
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats. ★336 Updated last week