An open API service providing repository metadata for many open source software ecosystems.

GitHub / ossf 50 Repositories

ossf/alpha-omega

Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.

Language: Open Policy Agent - Size: 11.3 MB - Last synced at: about 2 hours ago - Pushed at: about 4 hours ago - Stars: 95 - Forks: 56

ossf/wg-best-practices-os-developers

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Language: JavaScript - Size: 12.4 MB - Last synced at: 28 minutes ago - Pushed at: about 1 hour ago - Stars: 872 - Forks: 159

ossf/malicious-packages

A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

Language: Go - Size: 36.8 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 307 - Forks: 39

ossf/Memory-Safety

Size: 2.24 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 26 - Forks: 14

ossf/security-baseline

Language: Go - Size: 1.42 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 81 - Forks: 21

ossf/education

OpenSSF Education SIG

Size: 3.86 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 16 - Forks: 13

ossf/osv-schema

Open Source Vulnerability schema.

Language: Python - Size: 645 KB - Last synced at: 4 days ago - Pushed at: 7 days ago - Stars: 198 - Forks: 93

ossf/wg-globalcyberpolicy

Global Cyber Policy Working Group

Size: 20.6 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 48 - Forks: 8

ossf/scorecard-action

Official GitHub Action for OpenSSF Scorecard.

Language: Go - Size: 6.93 MB - Last synced at: 3 days ago - Pushed at: 7 days ago - Stars: 294 - Forks: 73

ossf/SIRT

The OSS-SIRT SIG (Open Source Software Security Incident Response Team Special Interest Group) is a group working within the OSSF's Vulnerability Disclosure Working Group that is focused on creating secure vulnerability management capabilities within the open source ecosystem to ensure effective coordinated vulnerability disclosure (CVD) practices.

Size: 5.69 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 9 - Forks: 6

ossf/security-insights-spec

Machine-readable specification for the attestation of security-relevant data.

Language: CUE - Size: 319 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 59 - Forks: 13

ossf/allstar

GitHub App to set and enforce security policies

Language: Go - Size: 1.65 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 1,296 - Forks: 127

ossf/wg-orbit

ORBIT: Open Resources for Baselines, Interoperability, and Tooling

Size: 33.2 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 9 - Forks: 3

ossf/fuzz-introspector

Fuzz Introspector -- introspect, extend and optimise fuzzers

Language: Python - Size: 8.51 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 411 - Forks: 70

ossf/tac

Technical Advisory Council

Size: 7.12 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 122 - Forks: 66

ossf/glossary

A reference for common terms when talking about OpenSSF and open source software security.

Language: JavaScript - Size: 76.1 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 2 - Forks: 2

ossf/scorecard

OpenSSF Scorecard - Security health metrics for Open Source

Language: Go - Size: 258 MB - Last synced at: 13 days ago - Pushed at: 15 days ago - Stars: 4,865 - Forks: 531

ossf/scorecard-visualizer

Tool for visualizing the OpenSSF Scorecard API data in a human-friendly way

Language: TypeScript - Size: 41.7 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 16 - Forks: 5

ossf/sbom-everywhere

Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption

Language: Vue - Size: 11.7 MB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 88 - Forks: 30

ossf/ossf-landscape

Size: 4.31 MB - Last synced at: 14 days ago - Pushed at: 14 days ago - Stars: 29 - Forks: 27

ossf/scorecard-webapp

Website and API for OpenSSF Scorecard

Language: HTML - Size: 21 MB - Last synced at: 19 days ago - Pushed at: 20 days ago - Stars: 24 - Forks: 28

ossf/si-tooling

Language: Python - Size: 40 KB - Last synced at: 14 days ago - Pushed at: 20 days ago - Stars: 4 - Forks: 3

ossf/wg-securing-software-repos

OpenSSF Working Group on Securing Software Repositories

Size: 581 KB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 103 - Forks: 20

ossf/package-analysis

Open Source Package Analysis

Language: Go - Size: 3.34 MB - Last synced at: 25 days ago - Pushed at: about 1 month ago - Stars: 828 - Forks: 58

ossf/security-assessments

Size: 65.4 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 14 - Forks: 3

ossf/criticality_score

Gives criticality score for an open source project

Language: Go - Size: 1.37 MB - Last synced at: 24 days ago - Pushed at: 29 days ago - Stars: 1,366 - Forks: 121

ossf/secure-sw-dev-fundamentals

Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)

Language: CSS - Size: 30.2 MB - Last synced at: 24 days ago - Pushed at: about 2 months ago - Stars: 195 - Forks: 50

ossf/scorecard-monitor

Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts

Language: JavaScript - Size: 2.49 MB - Last synced at: 3 days ago - Pushed at: 3 months ago - Stars: 34 - Forks: 14

ossf/package-feeds

Feed parsing for language package manager updates

Language: Go - Size: 571 KB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 78 - Forks: 24

ossf/census

📜 Automated review of open source software projects

Language: HTML - Size: 31.1 MB - Last synced at: 22 days ago - Pushed at: 5 months ago - Stars: 117 - Forks: 30

ossf/toolbelt

Size: 1.66 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 19 - Forks: 4

ossf/wg-vulnerability-disclosures

The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.

Size: 17.3 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 186 - Forks: 41

ossf/ai-ml-security

Potential WG on Artificial Intelligence and Machine Learning (AI/ML)

Size: 82 KB - Last synced at: 3 months ago - Pushed at: 7 months ago - Stars: 61 - Forks: 11

ossf/foundation

OpenSSF Governance and Legal Docs

Size: 7.3 MB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 71 - Forks: 19

ossf/wg-metrics-and-metadata

The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.

Size: 3.97 MB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 222 - Forks: 42

ossf/s2c2f

The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.

Size: 3.58 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 195 - Forks: 26

ossf/wg-security-tooling

OpenSSF Security Tooling Working Group

Size: 127 KB - Last synced at: 3 months ago - Pushed at: 12 months ago - Stars: 305 - Forks: 52

ossf/.github

GitHub configuration

Size: 373 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 3

ossf/community

Size: 4.82 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 8 - Forks: 5

ossf/package-manager-best-practices 📦

Collection of security best practices for package managers.

Size: 89.8 KB - Last synced at: 26 days ago - Pushed at: over 2 years ago - Stars: 162 - Forks: 16

ossf/security-reviews

A community collection of security reviews of open source software components.

Language: Python - Size: 1.36 MB - Last synced at: 27 days ago - Pushed at: about 1 year ago - Stars: 93 - Forks: 26

ossf/OpenVEX

Vuln Disclosure WG's new SIG

Size: 2.49 MB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 11 - Forks: 1

ossf/oss-vulnerability-guide Fork of google/oss-vulnerability-guide

A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications.

Size: 258 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 119 - Forks: 26

ossf/great-mfa-project 📦

The Great Multi-Factor Authentication (MFA) Distribution Project of the Open Source Security Foundation (OpenSSF). We work to distribute hardware MFA tokens to critical open source software (OSS) projects.

Size: 3.66 MB - Last synced at: 28 days ago - Pushed at: over 3 years ago - Stars: 54 - Forks: 14

ossf/artwork

OpenSSF Artwork

Size: 18.3 MB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 8 - Forks: 8

ossf/S2C2F-attestation-schema-and-tool

Secure Supply Chain Consumption Framework (S2C2F) OSCAL Catalog and tool

Language: Python - Size: 174 KB - Last synced at: 27 days ago - Pushed at: 12 months ago - Stars: 6 - Forks: 1

ossf/wg-endusers

OpenSSF Endusers Working Group

Size: 96.7 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 28 - Forks: 15

ossf/wg-supply-chain-integrity

Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the code they maintain, produce and use.

Size: 219 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 178 - Forks: 33

ossf/project-template

OpenSSF Project Template

Size: 34.2 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 17 - Forks: 13

ossf/Governance-Committee

Governance Committee

Size: 4.78 MB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 4 - Forks: 0

ossf/staff

Repository to keep track of staff operations

Language: Shell - Size: 922 KB - Last synced at: 3 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 1

ossf/oss-researcher-vulnerability-guide 📦

Size: 16.6 KB - Last synced at: 28 days ago - Pushed at: about 3 years ago - Stars: 5 - Forks: 4

ossf/open-auto-vuln-disclose

open-auto-vuln-disclose

Language: Python - Size: 33.2 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 1

ossf/Diagrammers-Society

OpenSSF Diagrammers Society

Size: 9.13 MB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 10 - Forks: 4

ossf/Project-Security-Metrics 📦

Collect, curate, and communicate relevant security metrics for open source projects.

Language: Python - Size: 1.24 MB - Last synced at: 28 days ago - Pushed at: about 1 year ago - Stars: 63 - Forks: 24

ossf/disclosure-check

disclosure-check

Language: Python - Size: 251 KB - Last synced at: 3 months ago - Pushed at: 11 months ago - Stars: 3 - Forks: 0

ossf/scorecard-dependencyanalysis 📦

Scorecard action for checking when new dependencies are added to the repository.

Language: Go - Size: 35.2 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 1 - Forks: 0

ossf/wg-securing-critical-projects

Helping allocate resources to secure the critical open source projects we all depend on.

Size: 1.12 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 312 - Forks: 33

ossf/DevRel-community

Evangelizing the mission and work of the OpenSSF and building strong community outreach around end-users, open-source maintainers, and contributors.

Size: 62.5 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 15 - Forks: 1

ossf/oss-compromises 📦

Archive of various open source security compromises

Size: 918 KB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 1

ossf/wg-dei

The Diversity, Equity, and Inclusion Working Group was formed in December 2023 to help increase representation and strengthen the overall effectiveness of the cybersecurity workforce.

Size: 20.5 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

ossf/security-metrics-dashboard

Size: 10.7 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 3 - Forks: 4

ossf/omega-moderne-client 📦

Language: Python - Size: 192 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 2

ossf/omega-triage-portal 📦

Language: Python - Size: 1.68 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 10

ossf/github-org-access-scraper

GitHub lacks an API for listing an org's repos' access for non-team-based individuals, so, scrape it.

Size: 16.6 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 5 - Forks: 0

ossf/secure-sw-dev-videos

Secure Software Development Fundamentals Courses

Size: 184 MB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

ossf/gb-planning-committee 📦

The Governing Board Planning Committee guides OpenSSF vision and planning including mission, roadmap, milestones and key metrics for success of the overall organization.

Size: 23.4 KB - Last synced at: 28 days ago - Pushed at: over 3 years ago - Stars: 6 - Forks: 5

ossf/oss-analysis-census2-prototype 📦

Prototype of Census 2 of open source software (NOT MAINTAINED)

Language: Python - Size: 19.5 KB - Last synced at: 28 days ago - Pushed at: almost 4 years ago - Stars: 1 - Forks: 4

ossf/dot-allstar-quickstart Fork of jeffmendoza/dot-allstar-quickstart

Example .allstar repository for quickstart

Size: 1000 Bytes - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 0