open-sauced / app

🍕 Insights into your entire open source ecosystem.
https://pizza.new
Apache License 2.0

Implement OSSF Score in repo pages #3742

Open isabensusan opened 3 months ago

isabensusan commented 3 months ago

Context

The OSSF Scorecard is a standardized metric that measures repository security based on a risk assessment.

This score is currently available as a repo badge on github readme pages:

[image: OSSF Scorecard badge on a GitHub README]

We want to introduce it to repo pages for users to be able to quickly assess a project's risk level.

Implementation

On the backend there's currently an open proposal for the implementation.

On the frontend, we would be including the metric on repo pages as a new visualization and on repository tables as a data point.

Concept Mocks

P0 - MVP: Basic scorecard for repo pages

P1 - Scorecard element for repo pages

github-actions[bot] commented 3 months ago

Thanks for the issue, our team will look into it as soon as possible! If you would like to work on this issue, please wait for us to decide if it's ready. The issue will be ready to work on once we remove the "needs triage" label.

To claim an issue that does not have the "needs triage" label, please leave a comment that says ".take". If you have any questions, please comment on this issue.

For full info on how to contribute, please check out our contributors guide.

jpmcb commented 2 months ago

We shipped the P0 of the OpenSSF Scorecard. Re-opening: we'll want the P1 of this as well and keep tracking that in the roadmap.