coreinfrastructure / best-practices-badge
🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,279 Updated this week
Alternatives and similar repositories for best-practices-badge
Users that are interested in best-practices-badge are comparing it to the libraries listed below
- Python reference implementation of The Update Framework (TUF) ☆1,677 Updated this week
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,419 Updated this week
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆912 Updated this week
- Now stored here: ☆409 Updated 4 years ago
- The Open Source Discovery Service ☆1,129 Updated this week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆998 Updated last year
- a community wiki for improving code quality ☆346 Updated 3 months ago
- Repolinter, The Open Source Repository Linter ☆455 Updated last month
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆862 Updated last week
- Supply-chain Levels for Software Artifacts ☆1,713 Updated last week
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests ☆320 Updated last week
- Notary is a project that allows anyone to have trust over arbitrary collections of data ☆3,282 Updated last year
- These patterns document how to apply open source principles and practices for software development within the confines of an organization… ☆818 Updated this week
- Curated list of awesome tools for managing open source programs ☆477 Updated 3 months ago
- in-toto is a framework to protect supply chain integrity. ☆944 Updated 3 weeks ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats. ☆340 Updated this week
- LGTM is a simple pull request approval system [ARCHIVE] ☆988 Updated 7 years ago
- Open Source Policy Examples and Templates ☆188 Updated 2 years ago
- 📅 The web's go-to resource for Calendar Versioning info. ☆536 Updated last year
- reuse is a tool for compliance with the REUSE recommendations. ☆523 Updated 2 weeks ago
- InSpec: Auditing and Testing Framework ☆2,997 Updated this week
- a ruggedization framework that embodies the principle "be mean to your code" ☆992 Updated 3 years ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆421 Updated this week
- Mozilla HTTP Observatory ☆1,854 Updated 10 months ago
- Home to public development of NIST Special Publication 800-63-3: Digital Authentication Guidelines ☆719 Updated this week
- A stupid game for learning about containers, capabilities, and syscalls. ☆905 Updated 2 years ago
- CLI that provides on-demand secrets access for common DevOps tools ☆743 Updated 3 weeks ago
- Scan domains and return data based on HTTPS best practices ☆687 Updated last month
- Template for writing your own contributing guide ☆722 Updated 3 years ago
- Artifact Metadata API ☆1,545 Updated last week