Open sschuberth opened 3 years ago
Somewhat related is the criticality score of Open Source projects: https://github.com/ossf/criticality_score
I think this should be split into the different tools. We are interested in Google Scorecard.
@dgutson, please indicate your interest by adding 👍🏻 to the top post, as that way we can rank the issues.
In addition to security vulnerabilities the advisor could also advise about the general quality of an Open Source project, e.g. using
by extending https://github.com/oss-review-toolkit/ort/blob/19c89ff9a0a7aa2a52d85c82fd477531da1ecf3d/model/src/main/kotlin/AdvisorCapability.kt#L31-L37 with
HEALTH
or so.