ossf / criticality_score
Gives criticality score for an open source project
☆1,373 Updated last month
Alternatives and similar repositories for criticality_score
Users that are interested in criticality_score are comparing it to the libraries listed below
- GitHub App to set and enforce security policies ☆1,326 Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,914 Updated this week
- Helping allocate resources to secure the critical open source projects we all depend on. ☆353 Updated 3 weeks ago
- MVG = Minimum Viable Governance ☆398 Updated 11 months ago
- OpenSSF Security Tooling Working Group ☆310 Updated last year
- Software Supply Chain Transparency Log ☆965 Updated last week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆775 Updated this week
- A tool for refactoring code related to feature flag APIs ☆2,346 Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆398 Updated 2 weeks ago
- A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV. ☆2,411 Updated last year
- Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the … ☆185 Updated last year
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆488 Updated 6 months ago
- Supply-chain Levels for Software Artifacts ☆1,667 Updated last week
- 📅 The web's go-to resource for Calendar Versioning info. ☆530 Updated last year
- Crush is a command line shell that is also a powerful modern programming language. ☆1,850 Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,364 Updated this week
- Keyless Git signing using Sigstore ☆1,001 Updated 2 weeks ago
- A code rewrite tool for structural search and replace that supports ~every language. ☆2,486 Updated 2 months ago
- Language-agnostic SLSA provenance generation for Github Actions ☆472 Updated 2 weeks ago
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,389 Updated last week
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co… ☆222 Updated last year
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆987 Updated last year
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆881 Updated this week
- A suite of tools to automate software compliance checks. ☆1,752 Updated this week
- The Open Architecture Playbook. Use it to create better and faster (IT)Architectures. OSS Tools, templates and more for solving IT proble… ☆722 Updated 2 months ago
- Actions for running CodeQL analysis ☆1,264 Updated this week
- 🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge) ☆1,267 Updated 2 weeks ago
- Common go library shared across sigstore services and clients ☆485 Updated last week
- `ls` alternative with useful info and a splash of color 🎨 ☆1,268 Updated 4 years ago
- A set of packages to make exporting artifacts from GitHub easier ☆281 Updated 2 years ago