ossf / criticality_score
Gives criticality score for an open source project
☆1,417 Updated last month
Alternatives and similar repositories for criticality_score
Users who are interested in criticality_score are comparing it to the libraries listed below.
- Helping allocate resources to secure the critical open source projects we all depend on. ☆381 Updated 8 months ago
- GitHub App to set and enforce security policies ☆1,384 Updated last week
- Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Langua… ☆1,460 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆5,242 Updated this week
- Supply-chain Levels for Software Artifacts ☆1,795 Updated 3 weeks ago
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆1,013 Updated last year
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆467 Updated this week
- OpenSSF Security Tooling Working Group ☆320 Updated 6 months ago
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆981 Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆955 Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆517 Updated last month
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,441 Updated this week
- A suite of tools to automate software compliance checks. ☆1,899 Updated last week
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles ☆559 Updated 8 months ago
- 🏆 Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge) ☆1,312 Updated last week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆883 Updated this week
- MVG = Minimum Viable Governance ☆406 Updated last year
- A License Classifier ☆343 Updated 3 months ago
- GrimoireLab: platform for software development analytics and insights ☆576 Updated this week
- Repolinter, The Open Source Repository Linter ☆462 Updated this week
- 📖 OSPOlogy - The Study of OSPOs ☆232 Updated last week
- Query git repositories with SQL. Generate reports, perform status checks, analyze codebases. 🔍 📊 ☆3,517 Updated last week
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues ☆190 Updated last week
- Keyless Git signing using Sigstore ☆1,052 Updated last week
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie… ☆381 Updated last week
- Dockerfile best-practices for writing production-worthy Docker images. ☆4,097 Updated 4 years ago
- Common go library shared across sigstore services and clients ☆496 Updated this week
- in-toto is a framework to protect supply chain integrity. ☆969 Updated last week
- Open Source Vulnerability schema. ☆227 Updated this week
- Software Supply Chain Transparency Log ☆1,065 Updated this week