ossf / criticality_score
Gives criticality score for an open source project
☆1,403 Updated 6 months ago
Alternatives and similar repositories for criticality_score
Users that are interested in criticality_score are comparing it to the libraries listed below
- Helping allocate resources to secure the critical open source projects we all depend on. ☆375 Updated 5 months ago
- GitHub App to set and enforce security policies ☆1,362 Updated last week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆503 Updated 10 months ago
- Supply-chain Levels for Software Artifacts ☆1,740 Updated this week
- Open Source Package Analysis ☆851 Updated 6 months ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆434 Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,412 Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆896 Updated last week
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie… ☆372 Updated last week
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope… ☆932 Updated last week
- OpenSSF Security Tooling Working Group ☆318 Updated 3 months ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆803 Updated this week
- Repolinter, The Open Source Repository Linter ☆457 Updated last month
- A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles ☆542 Updated 5 months ago
- in-toto is a framework to protect supply chain integrity. ☆951 Updated 2 weeks ago
- GrimoireLab: platform for software development analytics and insights ☆557 Updated this week
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats. ☆343 Updated last week
- Query git repositories with SQL. Generate reports, perform status checks, analyze codebases. 🔍 📊 ☆3,509 Updated last week
- Curated list of awesome tools for managing open source programs ☆483 Updated this week
- A suite of tools to automate software compliance checks. ☆1,833 Updated this week
- Uncurled - everything I know and learned about running and maintaining Open Source projects for three decades. ☆881 Updated last month
- Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON ☆605 Updated this week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock… ☆1,003 Updated last year
- A License Classifier ☆337 Updated this week
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co… ☆223 Updated last year
- User-friendly documentation for the SARIF file format. ☆328 Updated last year
- Send Sir Perceval on a quest to retrieve and gather data from software repositories. ☆307 Updated last week
- 📅 The web's go-to resource for Calendar Versioning info. ☆544 Updated last year
- MVG = Minimum Viable Governance ☆401 Updated last year
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via GitHub Issues ☆187 Updated 2 weeks ago