blabla1337 / skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project
https://www.securityknowledgeframework.org
Apache License 2.0
812 stars, 307 forks

Create new checklist in SKF for evaluating third-party code/libs #805

Open blabla1337 opened 2 years ago

blabla1337 commented 2 years ago

https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Concise-Guide-for-Developing-More-Secure-Software.md

https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/Concise-Guide-for-Evaluating-Open-Source-Software.md

Also interesting: https://github.com/microsoft/oss-ssc-framework https://github.com/OWASP/Software-Component-Verification-Standard