coreinfrastructure / best-practices-badge
🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,284 Updated this week
Alternatives and similar repositories for best-practices-badge
Users that are interested in best-practices-badge are comparing it to the libraries listed below
- Now stored here: ☆409 Updated 4 years ago
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,431 Updated last week
- The Open Source Discovery Service ☆1,132 Updated 3 weeks ago
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆1,002 Updated last year
- A Ruby gem to cache and verify the licenses of dependencies ☆1,011 Updated this week
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆923 Updated this week
- Python reference implementation of The Update Framework (TUF) ☆1,678 Updated this week
- Repolinter, The Open Source Repository Linter ☆457 Updated 2 weeks ago
- A community version of the Open Decision Framework - A flexible, open approach to making decisions and leading projects ☆829 Updated this week
- Open Source Policy Examples and Templates ☆189 Updated 2 years ago
- Template for writing your own contributing guide ☆727 Updated 3 years ago
- A Ruby Gem to detect under what license a project is distributed. ☆856 Updated this week
- Mozilla HTTP Observatory ☆1,853 Updated 11 months ago
- Supply-chain Levels for Software Artifacts ☆1,731 Updated this week
- Curated list of awesome tools for managing open source programs ☆479 Updated 4 months ago
- Easily create full-stack installers for your project across a variety of platforms. ☆1,300 Updated this week
- A suite of tools to automate software compliance checks. ☆1,820 Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆426 Updated last week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆884 Updated last week
- These patterns document how to apply open source principles and practices for software development within the confines of an organization… ☆820 Updated last week
- 💎 Code quality CLI for universal linting, auto-formatting, security scanning, and maintainability ☆2,806 Updated this week
- InSpec: Auditing and Testing Framework ☆3,005 Updated this week
- in-toto is a framework to protect supply chain integrity. ☆948 Updated this week
- The Open Source Survey ☆532 Updated 8 months ago
- Notary is a project that allows anyone to have trust over arbitrary collections of data ☆3,286 Updated last year
- List of resources about programming practices for writing safety-critical software. ☆1,575 Updated 6 months ago
- At its core Measure is, for lack of a better term, a contributor relationship management system. Measure consists of easy to understand w… ☆159 Updated 2 years ago
- Gives criticality score for an open source project ☆1,401 Updated 5 months ago
- LGTM is a simple pull request approval system [ARCHIVE] ☆988 Updated 7 years ago
- Helping allocate resources to secure the critical open source projects we all depend on. ☆371 Updated 4 months ago