Open isabensusan opened 3 months ago
Thanks for the issue, our team will look into it as soon as possible! If you would like to work on this issue, please wait for us to decide if it's ready. The issue will be ready to work on once we remove the "needs triage" label.
To claim an issue that does not have the "needs triage" label, please leave a comment that says ".take". If you have any questions, please comment on this issue.
For full info on how to contribute, please check out our contributors guide.
We shipped the P0 of the OpenSSF Scorecard. Re-opening: we'll want the P1 of this as well and keep tracking that in the roadmap.
Context
The OSSF Scorecard is a standardized metric that measures repository security based on a risk assessment.
This score is currently available as a repo badge on GitHub README pages:
We want to introduce it to repo pages for users to be able to quickly assess a project's risk level.
Implementation
On the backend, there's currently an open proposal for the implementation.
On the frontend, we would be including the metric on repo pages as a new visualization and on repository tables as a data point.
Concept Mocks
P0 - MVP: Basic scorecard for repo pages
P1 - Scorecard element for repo pages