ossf/wg-metrics-and-metadata external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ossf/wg-metrics-and-metadata

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/wg-metrics-and-metadata)

Close

ossf / wg-metrics-and-metadataView on GitHubMore

• External links
• Readme badge

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

☆223Apr 23, 2024Updated 2 years ago

Alternatives and similar repositories for wg-metrics-and-metadata

Users that are interested in wg-metrics-and-metadata are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ossf / wg-security-tooling

  View on GitHub
  OpenSSF Security Tooling Working Group
  ☆323Jul 6, 2025Updated 11 months ago
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆220Feb 4, 2026Updated 4 months ago
• ossf / wg-supply-chain-integrity

  View on GitHub
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆207Jan 15, 2026Updated 5 months ago
• ossf / wg-securing-critical-projects

  View on GitHub
  Helping allocate resources to secure the critical open source projects we all depend on.
  ☆401May 8, 2025Updated last year
• ossf / Project-Security-Metrics

  View on GitHub
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Mar 13, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• ossf / wg-best-practices-os-developers

  View on GitHub
  The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for ope…
  ☆1,036Updated this week
• ossf / tac

  View on GitHub
  Technical Advisory Council
  ☆145Jun 9, 2026Updated last week
• ossf / security-reviews

  View on GitHub
  A community collection of security reviews of open source software components.
  ☆99Feb 29, 2024Updated 2 years ago
• ossf / foundation

  View on GitHub
  OpenSSF Governance and Legal Docs
  ☆75Sep 9, 2025Updated 9 months ago
• ossf / wg-endusers

  View on GitHub
  OpenSSF Endusers Working Group
  ☆28Mar 21, 2024Updated 2 years ago
• OSSIndex / vulns

  View on GitHub
  Report missing advisories and corrections on OSS Index
  ☆18Jan 19, 2023Updated 3 years ago
• ossf / great-mfa-project

  View on GitHub
  The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute …
  ☆54Dec 28, 2021Updated 4 years ago
• ossf / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆137Apr 20, 2026Updated last month
• CycloneDX / cyclonedx-bom-studio

  View on GitHub
  Build, edit, validate, and export CycloneDX BOMs through an intuitive browser-based interface
  ☆22Updated this week
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ossf / toolbelt

  View on GitHub
  ☆26Mar 17, 2026Updated 3 months ago
• Open-Source-Security-Coalition / Open-Source-Security-Coalition

  View on GitHub
  ☆41Jul 9, 2020Updated 5 years ago
• ossf / scorecard

  View on GitHub
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,519Jun 8, 2026Updated last week
• ossf / secure-sw-dev-fundamentals

  View on GitHub
  Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
  ☆203May 22, 2026Updated 3 weeks ago
• aibom-squad / AIBOM-RSA-2024

  View on GitHub
  AIBOM Workshop RSA 2024
  ☆15May 20, 2024Updated 2 years ago
• mlieberman85 / scq

  View on GitHub
  Supply Chain Query Tool
  ☆13May 25, 2022Updated 4 years ago
• slsa-framework / slsa

  View on GitHub
  Supply-chain Levels for Software Artifacts
  ☆1,882Jun 8, 2026Updated last week
• OWASP / Software-Component-Verification-Standard

  View on GitHub
  Software Component Verification Standard (SCVS)
  ☆159Apr 1, 2025Updated last year
• ossf / project-template

  View on GitHub
  OpenSSF Project Template
  ☆23Jun 5, 2026Updated 2 weeks ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• drakkr / QSOS

  View on GitHub
  QSOS repository (Method, Formats, Tools)
  ☆28Feb 12, 2024Updated 2 years ago
• in-toto / witness

  View on GitHub
  Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro…
  ☆534Updated this week
• ossf / package-manager-best-practices

  View on GitHub
  Collection of security best practices for package managers.
  ☆164Sep 26, 2022Updated 3 years ago
• falcosecurity / kilt

  View on GitHub
  Kilt is a project that defines how to inject foreign apps into containers
  ☆13Dec 15, 2023Updated 2 years ago
• chainguard-dev / ghscan

  View on GitHub
  Scan GitHub Actions Workflow logs for IOCs
  ☆18Jun 9, 2026Updated last week
• redteam-project / cyber-test-lab

  View on GitHub
  Quantitate binary risk assessment
  ☆17May 9, 2022Updated 4 years ago
• falcosecurity / client-go

  View on GitHub
  Go client and SDK for Falco
  ☆55Mar 18, 2026Updated 3 months ago
• ossf / ai-ml-security

  View on GitHub
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆172May 1, 2026Updated last month
• OWASP / packman

  View on GitHub
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆52Mar 5, 2021Updated 5 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• duo-labs / secret-bridge

  View on GitHub
  Monitors Github for leaked secrets
  ☆206Oct 25, 2024Updated last year
• ossf / package-analysis

  View on GitHub
  Open Source Package Analysis
  ☆894Jun 12, 2026Updated last week
• google / oss-vulnerability-guide

  View on GitHub
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆144Oct 5, 2023Updated 2 years ago
• sigstore / fulcio

  View on GitHub
  Sigstore OIDC PKI
  ☆855Updated this week
• ossf / sbom-everywhere

  View on GitHub
  Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
  ☆115Feb 28, 2026Updated 3 months ago
• ossf / criticality_score

  View on GitHub
  Gives criticality score for an open source project
  ☆1,432Dec 2, 2025Updated 6 months ago
• usnistgov / 800-63-4

  View on GitHub
  ☆45Aug 26, 2025Updated 9 months ago