A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.
☆137Apr 20, 2026Updated last month
Alternatives and similar repositories for oss-vulnerability-guide
Users that are interested in oss-vulnerability-guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…☆220Feb 4, 2026Updated 4 months ago
- OpenAlly NPM packages☆14Jun 1, 2026Updated last week
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…☆1,031May 20, 2026Updated 3 weeks ago
- Awesome list of well crafted Node.js packages.☆24Feb 14, 2021Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- An npm package for demonstration purposes using TypeScript to build for both the ECMAScript Module format (i.e. ESM or ES Module) and Com…☆15Aug 22, 2022Updated 3 years ago
- The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …☆54Dec 28, 2021Updated 4 years ago
- Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts☆48Jun 2, 2026Updated last week
- ☆66Updated this week
- A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…☆144Oct 5, 2023Updated 2 years ago
- ☆26Mar 17, 2026Updated 2 months ago
- Machine-readable specification for the attestation of security-relevant data.☆75May 11, 2026Updated last month
- Helping allocate resources to secure the critical open source projects we all depend on.☆399May 8, 2025Updated last year
- Collection of tools for producing and exploring OmniBOR data.☆22Oct 31, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A modern and light Node.js http client 🐢🚀 (built with undici under the hood).☆15Mar 10, 2025Updated last year
- Permet à des logiciels partenaires ainsi que des cabinets membres de récupérer et d'envoyer de l'information depuis/vers MyUnisoft.☆13May 11, 2026Updated last month
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…☆223Apr 23, 2024Updated 2 years ago
- ORBIT: Open Resources for Baselines, Interoperability, and Tooling☆25Mar 19, 2026Updated 2 months ago
- Collection of security best practices for package managers.☆164Sep 26, 2022Updated 3 years ago
- NodeSecure HTML & PDF report generator for any public and/or private git repositories.☆16Jun 3, 2026Updated last week
- OpenVEX Specification☆182Jan 16, 2026Updated 4 months ago
- Print fancy logs to the terminal☆16May 26, 2021Updated 5 years ago
- Fuzz for hidden proxies, vhosts, and URLs☆15Apr 1, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A tool for reading the SECURITY_CONTACTS file in a kubernetes repository.☆11Dec 5, 2025Updated 6 months ago
- Node.js user prompt library for command-line interfaces.☆41Jun 4, 2026Updated last week
- Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)☆203May 22, 2026Updated 3 weeks ago
- Visualize your project security vulnerabilities as a pie chart in the terminal☆25Updated this week
- Open Source Vulnerability schema.☆252Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,487Jun 2, 2026Updated last week
- Vuln Disclosure WG's new SIG☆11Jan 2, 2024Updated 2 years ago
- Tool to interact with Docker registry objects.☆25Nov 6, 2025Updated 7 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆34Apr 4, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Website and API for OpenSSF Scorecard☆28Jun 3, 2026Updated last week
- Tool for visualizing the Open SSF Scorecard Api data in a human friendly way☆19Jun 3, 2026Updated last week
- Generate a score for your sbom to understand if it will actually be useful.☆243Aug 13, 2024Updated last year
- A library for building tools to determine if vulnerabilities are reachable in a code base.☆17Aug 19, 2025Updated 9 months ago
- A simple, fast template engine for node.js☆18Mar 12, 2024Updated 2 years ago
- ☆50Updated this week
- vexctl is a tool to attest VEX impact statements☆45Mar 27, 2023Updated 3 years ago