coreinfrastructure / best-practices-badge
🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,269 Updated this week
Alternatives and similar repositories for best-practices-badge
Users who are interested in best-practices-badge are comparing it to the libraries listed below.
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆881 Updated this week
- Curated list of awesome tools for managing open source programs ☆470 Updated 2 weeks ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆775 Updated last week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆987 Updated last year
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,391 Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆398 Updated 2 weeks ago
- Now stored here: ☆408 Updated 4 years ago
- Pretty RFC indexes and reformats RFC documents for easier discovery and viewing. ☆938 Updated 8 years ago
- A suite of tools to automate software compliance checks. ☆1,752 Updated this week
- Repolinter, The Open Source Repository Linter ☆445 Updated 3 weeks ago
- The Open Source Discovery Service ☆1,125 Updated last month
- Open Source Policy Examples and Templates ☆185 Updated last year
- a community wiki for improving code quality ☆344 Updated 3 weeks ago
- A Ruby gem to cache and verify the licenses of dependencies ☆999 Updated last week
- Software Supply Chain Transparency Log ☆965 Updated last week
- Helping allocate resources to secure the critical open source projects we all depend on. ☆353 Updated 3 weeks ago
- Python reference implementation of The Update Framework (TUF) ☆1,664 Updated this week
- Supply-chain Levels for Software Artifacts ☆1,670 Updated this week
- Gives criticality score for an open source project ☆1,375 Updated last month
- .travis.yml => build.sh converter ☆655 Updated last week
- Distributed code review system for Git repos ☆5,151 Updated last year
- An observatory for TLS configurations, X509 certificates, and more. ☆539 Updated 3 weeks ago
- Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON ☆569 Updated last week
- These patterns document how to apply open source principles and practices for software development within the confines of an organization… ☆810 Updated this week
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats. ☆326 Updated this week
- lmctfy is the open source version of Google’s container stack, which provides Linux application containers. ☆3,409 Updated 9 years ago
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests ☆317 Updated 3 weeks ago
- Check your project for common sources of contributor friction. ☆1,148 Updated 4 years ago
- OpenSSF Security Tooling Working Group ☆310 Updated last year
- Ops School Curriculum ☆1,627 Updated last year