coreinfrastructure / best-practices-badge
🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
☆1,204Updated last week
Related projects: ⓘ
- Python reference implementation of The Update Framework (TUF)☆1,622Updated this week
- Curated list of awesome tools for managing open source programs☆457Updated 11 months ago
- The Open Source Discovery Service☆1,110Updated this week
- Now stored here:☆410Updated 3 years ago
- Notary is a project that allows anyone to have trust over arbitrary collections of data☆3,217Updated last month
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆718Updated this week
- Repolinter, The Open Source Repository Linter☆419Updated this week
- An observatory for TLS configurations, X509 certificates, and more.☆528Updated 2 months ago
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua…☆1,264Updated last week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…☆958Updated 6 months ago
- Deployment checklist for securely deploying Docker☆601Updated 7 years ago
- a community wiki for improving code quality☆338Updated 3 weeks ago
- A community version of the Open Decision Framework - A flexible, open approach to making decisions and leading projects☆804Updated last month
- Home to public development of NIST Special Publication 800-63-3: Digital Authentication Guidelines☆701Updated last year
- Open Source Policy Examples and Templates☆178Updated last year
- Auditing for TLS certificates.☆869Updated last year
- Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function☆2,735Updated last month
- A transparent and secure way to look up public keys.☆1,573Updated 3 years ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆675Updated last month
- Helping allocate resources to secure the critical open source projects we all depend on.☆324Updated last month
- CLI that provides on-demand secrets access for common DevOps tools☆705Updated last month
- App Container Specification and Tooling (archived, see https://github.com/rkt/rkt/issues/4024)☆1,255Updated 6 years ago
- 📜Automated review of open source software projects☆116Updated 4 months ago
- A Ruby Gem to detect under what license a project is distributed.☆778Updated this week
- Proven approaches that can guide you through applying open source best practices within your organization☆737Updated 3 weeks ago
- Contributor License Agreement assistant (CLA assistant)☆1,314Updated 3 months ago
- Custom & better AppArmor profile generator for Docker containers.☆1,171Updated 4 years ago
- Compute various size metrics for a Git repository, flagging those that might cause problems☆3,441Updated last month
- The Update Framework specification☆368Updated 3 months ago
- Go server for two-man rule style file encryption and decryption.☆1,396Updated this week