coreinfrastructure / best-practices-badge
🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,253Updated this week
Alternatives and similar repositories for best-practices-badge:
Users that are interested in best-practices-badge are comparing it to the libraries listed below
- Python reference implementation of The Update Framework (TUF)☆1,649Updated this week
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua…☆1,345Updated this week
- Now stored here:☆411Updated 4 years ago
- Repolinter, The Open Source Repository Linter☆438Updated 2 weeks ago
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…☆979Updated last year
- Curated list of awesome tools for managing open source programs☆463Updated last month
- 📅 The web's go-to resource for Calendar Versioning info.☆522Updated 9 months ago
- The Update Framework specification☆384Updated 9 months ago
- A Ruby gem to cache and verify the licenses of dependencies☆990Updated this week
- A community version of the Open Decision Framework - A flexible, open approach to making decisions and leading projects☆812Updated 3 months ago
- The Open Source Discovery Service☆1,124Updated this week
- GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests☆315Updated 7 months ago
- a community wiki for improving code quality☆344Updated this week
- Markdown lint tool☆1,871Updated last year
- Helping allocate resources to secure the critical open source projects we all depend on.☆348Updated 5 months ago
- Guidebook of open source community management best practices; is somewhat opinionated.☆181Updated 3 months ago
- Notary is a project that allows anyone to have trust over arbitrary collections of data☆3,257Updated 7 months ago
- Plugin for sudo that requires another human to approve and monitor privileged sudo sessions☆1,251Updated last year
- Official TODO Website that containts TODO Guides, OSPO use cases and more resources to advance in the OSPO journey☆247Updated last week
- FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export contr…☆840Updated last week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆389Updated this week
- An observatory for TLS configurations, X509 certificates, and more.☆539Updated 8 months ago
- lmctfy is the open source version of Google’s container stack, which provides Linux application containers.☆3,409Updated 9 years ago
- Easily create full-stack installers for your project across a variety of platforms.☆1,291Updated last week
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆316Updated this week
- Project Wycheproof tests crypto libraries against known attacks.☆2,815Updated this week
- Universal configuration library parser☆1,654Updated last week
- A fast, straightforward, reliable tool for performing massive, automated code refactoring☆1,633Updated 3 years ago
- Go server for two-man rule style file encryption and decryption.☆1,401Updated 4 months ago
- Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms☆1,872Updated 2 months ago